CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #9630 from Security-Onion-Solutions/kilo

Browse Source 
Kilo
This commit is contained in:
Jason Ertel
2023-01-24 10:45:12 -05:00
committed by GitHub
parent 2bffd9b473 0dc5e7e714
commit fd7d51a59b
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/pythontest.yml vendored
View File

@@ -2,9 +2,11 @@ name: python-test
on: on:
push: push:
paths: salt/sensoroni/files/analyzers paths:
- "salt/sensoroni/files/analyzers/**"
pull_request: pull_request:
paths: salt/sensoroni/files/analyzers paths:
- "salt/sensoroni/files/analyzers/**"
jobs: jobs:
build: build:

2
salt/sensoroni/files/analyzers/README.md
View File

@@ -3,6 +3,7 @@
Security Onion provides a means for performing data analysis on varying inputs. This data can be any data of interest sourced from event logs. Examples include hostnames, IP addresses, file hashes, URLs, etc. The analysis is conducted by one or more analyzers that understand that type of input. Analyzers come with the default installation of Security Onion. However, it is also possible to add additional analyzers to extend the analysis across additional areas or data types. Security Onion provides a means for performing data analysis on varying inputs. This data can be any data of interest sourced from event logs. Examples include hostnames, IP addresses, file hashes, URLs, etc. The analysis is conducted by one or more analyzers that understand that type of input. Analyzers come with the default installation of Security Onion. However, it is also possible to add additional analyzers to extend the analysis across additional areas or data types.
## Supported Observable Types ## Supported Observable Types
The built-in analyzers support the following observable types: The built-in analyzers support the following observable types:
| Name | Domain | Hash | IP | Mail | Other | URI | URL | User Agent | | Name | Domain | Hash | IP | Mail | Other | URI | URL | User Agent |
@@ -20,6 +21,7 @@ The built-in analyzers support the following observable types:
| WhoisLookup |✓ |✗|✗|✗|✗|✓|✗|✗| | WhoisLookup |✓ |✗|✗|✗|✗|✓|✗|✗|
## Authentication ## Authentication
Many analyzers require authentication, via an API key or similar. The table below illustrates which analyzers require authentication. Many analyzers require authentication, via an API key or similar. The table below illustrates which analyzers require authentication.
| Name | Authn Req'd| | Name | Authn Req'd|