Skip to content

Issues: cisagov/Malcolm

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

Not Populate Malcolm_beats_* bug Something isn't working
#508 opened Nov 22, 2024 by devilman85
The Suricata alert did not appear on the dashboard bug Something isn't working
#507 opened Nov 22, 2024 by alleniverson33
updates to documentation for Docker-based installation examples doc Relating to Malcolm documentation
#506 opened Nov 20, 2024 by mmguero z.staging
yes/no/back dialog buttons in install/configure scripts don't work correctly on Ubuntu 22.04 bug Something isn't working install.py Relating to the install.py configuration script UI Relating to general UI experience
#505 opened Nov 20, 2024 by mmguero z.staging
extend intel.log with additional fields using corelight/ExtendIntel arkime Relating to Malcolm's use of Arkime dashboards Relating to Malcolm's OpenSearch Dashboards interface enhancement New feature or request external Depends on a bug or feature external to this project intel Related to integration with threat intel feeds logstash Relating to Malcolm's use of Logstash zeek Relating to Malcolm's use of Zeek
#502 opened Nov 19, 2024 by mmguero
7 tasks
z.staging
somehow NetBox gets into a read-only mode bug Something isn't working netbox Related to Malcolm's use of NetBox
#501 opened Nov 19, 2024 by mmguero z.staging
use new arkime tag-hiding feature to hide netbox tag from UI arkime Relating to Malcolm's use of Arkime enhancement New feature or request
#495 opened Nov 14, 2024 by mmguero v24.12.0
Mandiant threat intel source doesn't get split correctly when using JSON zeek log format bug Something isn't working logstash Relating to Malcolm's use of Logstash zeek Relating to Malcolm's use of Zeek
#494 opened Nov 14, 2024 by mmguero v24.12.0
standardize container health checks into scripts for all docker containers cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes docker Relating to docker and docker-compose as used by Malcolm enhancement New feature or request
#491 opened Nov 7, 2024 by mmguero v24.12.0
uploading zeek log files with rolled-over filenames including the date don't get the log type detected correctly bug Something isn't working logstash Relating to Malcolm's use of Logstash regression It worked at one point... upload Relating to PCAP and/or Zeek log ingestion
#490 opened Nov 7, 2024 by mmguero v24.12.0
OpenSearch to Splunk export/searching capabilities enhancement New feature or request opensearch Relating to Malcolm's use of OpenSearch research Research or proof-of-concept for an idea
#487 opened Nov 5, 2024 by mmguero
automated testing testing Related to automated system testing of Malcolm
#486 opened Nov 5, 2024 by mmguero v24.12.0
investigate Strelka for file scanning carving Relating to carving (extraction) of files from traffic and the scanning of those files enhancement New feature or request research Research or proof-of-concept for an idea
#485 opened Nov 5, 2024 by mmguero
not parsing Profinet Real-Time Protocol directly on ethernet frame ics Relating to ICS (Industrial Control Systems) devices zeek Relating to Malcolm's use of Zeek
#484 opened Nov 5, 2024 by mmguero
install.py should recommend different settings for minimal memory instances, if possible install.py Relating to the install.py configuration script opensearch Relating to Malcolm's use of OpenSearch performance Related to speed/performance
#483 opened Nov 5, 2024 by mmguero
support HTTP proxy for geoip database, rule updates, etc. enhancement New feature or request
#482 opened Nov 5, 2024 by mmguero
replace logstash with fluentd beats Relating to Malcolm's use of Beats enhancement New feature or request logstash Relating to Malcolm's use of Logstash research Research or proof-of-concept for an idea sensor For issues dealing with the Hedgehog OS capture sensor
#481 opened Nov 5, 2024 by mmguero
AIDE false positives in ISO-installed Hedgehog and Malcolm bug Something isn't working iso relating to the ISO-installed environment for Malcolm and/or Hedgehog Linux Related to running Malcolm under Linux security Related to issues with bearing on the security of Malcolm itself
#480 opened Nov 5, 2024 by mmguero
optimize OpenSearch index storage opensearch Relating to Malcolm's use of OpenSearch performance Related to speed/performance
#479 opened Nov 5, 2024 by mmguero
Compare NetBox inventory with database of known vulnerabilities enhancement New feature or request external Depends on a bug or feature external to this project netbox Related to Malcolm's use of NetBox
#478 opened Nov 5, 2024 by mmguero
Populate NetBox inventory via active discovery enhancement New feature or request external Depends on a bug or feature external to this project netbox Related to Malcolm's use of NetBox
#477 opened Nov 5, 2024 by mmguero
allow forwarding setup to specify Malcolm connection information in one place (vs. three) enhancement New feature or request iso relating to the ISO-installed environment for Malcolm and/or Hedgehog sensor For issues dealing with the Hedgehog OS capture sensor
#476 opened Nov 5, 2024 by mmguero
Integrate Sigma rules via OpenSearch Security Analytics dashboards Relating to Malcolm's OpenSearch Dashboards interface enhancement New feature or request logstash Relating to Malcolm's use of Logstash
#475 opened Nov 5, 2024 by mmguero z.staging
Live capture on AWS using VPC traffic mirroring capture Relating to pcap-capture container cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes
#474 opened Nov 5, 2024 by mmguero z.staging
kubernetes (next steps) - helm chart(s) cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes
#473 opened Nov 5, 2024 by mmguero z.staging
ProTip! Updated in the last three days: updated:>2024-11-21.