CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add EmailRep analyzer to observable support matrix

Browse Source
This commit is contained in:
weslambert
2022-05-03 10:10:57 -04:00
committed by GitHub
parent 5a9acb3857
commit f3a91d9fcd
1 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
salt/sensoroni/files/analyzers/README.md
View File

@@ -5,16 +5,17 @@ Security Onion provides a means for performing data analysis on varying inputs.
## Supported Observable Types ## Supported Observable Types
The built-in analyzers support the following observable types: The built-in analyzers support the following observable types:
| Name | Domain | Hash | IP | JA3 | Other | URI | URL | User Agent | | Name | Domain | Hash | IP | JA3 | Mail | Other | URI | URL | User Agent |
| ------------------------|--------|-------|-------|-------|-------|-------|-------|-------| | ------------------------|--------|-------|-------|-------|-------|-------|-------|-------|------------
| Alienvault OTX |✓ |✓|✓|✗|✗|✗|✓|✗| | Alienvault OTX |✓ |✓|✓|✗|✗|✗|✗|✓|✗|
| Greynoise |✗ |✗|✓|✗|✗|✗|✗|✗| | EmailRep |✗ |✗|✗|✗|✓|✗|✗|✗|✗|
| JA3er |✗ |✗|✗|✓|✗|✗|✗|✗| | Greynoise |✗ |✗|✓|✗|✗|✗|✗|✗|✗|
| LocalFile |✓ |✓|✓|✓|✓|✗|✓|✗| | JA3er |✗ |✗|✗|✓|✗|✗|✗|✗|✗|
| Pulsedive |✓ |✓|✓|✗|✗|✓|✓|✓| | LocalFile |✓ |✓|✓|✓|✗|✓|✗|✓|✗|
| Spamhaus |✗ |✗|✓|✗|✗|✗|✗|✗| | Pulsedive |✓ |✓|✓|✗|✗|✗|✓|✓|✓|
| Urlhaus |✗ |✗|✗|✗|✗|✗|✓|✗| | Spamhaus |✗ |✗|✓|✗|✗|✗|✗|✗|✗|
| Virustotal |✓ |✓|✓|✗|✗|✗|✓|✗| | Urlhaus |✗ |✗|✗|✗|✗|✗|✗|✓|✗|
| Virustotal |✓ |✓|✓|✗|✗|✗|✗|✓|✗|
## Developer Guide ## Developer Guide