CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-23 08:31:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add additional information around URI and User Agent

Browse Source
This commit is contained in:
weslambert
2022-04-28 17:14:36 -04:00
committed by GitHub
parent c001708707
commit 66b4fe9f58
1 changed files with 10 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
salt/sensoroni/files/analyzers/README.md
View File

@@ -5,15 +5,16 @@ Security Onion provides a means for performing data analysis on varying inputs.
## Supported Observable Types
The built-in analyzers support the following observable types:
| Name | Domain | Hash | IP | JA3 | URL |
| ------------------------|--------|-------|-------|-------|-------|
| Alienvault OTX |✓ |✓|✓|✗|✓|
| Greynoise |✗ |✗|✓|✗|✗|
| JA3er |✗ |✗|✗|✓|✗|
| LocalFile |✓ |✓|✓|✓|✓|
| Spamhaus |✗ |✗|✓|✗|✗|
| Urlhaus |✗ |✗|✗|✗|✓|
| Virustotal |✓ |✓|✓|✗|✓|
| Name | Domain | Hash | IP | JA3 | Other | URI | URL | User Agent |
| ------------------------|--------|-------|-------|-------|-------|-------|-------|-------|
| Alienvault OTX |✓ |✓|✓|✗|✗|✗|✓|✗|
| Greynoise |✗ |✗|✓|✗|✗|✗|✗|✗|
| JA3er |✗ |✗|✗|✓|✗|✗|✗|✗|
| LocalFile |✓ |✓|✓|✓|✓|✗|✓|✗|
| Pulsedive |✓ |✓|✓|✗|✗|✓|✓|✓|
| Spamhaus |✗ |✗|✓|✗|✗|✗|✗|✗|
| Urlhaus |✗ |✗|✗|✗|✗|✗|✓|✗|
| Virustotal |✓ |✓|✓|✗|✗|✗|✓|✗|
## Developer Guide