Threat Intel Feed Job Scheduler with unit and integ test #664
Commits on Oct 7, 2023
-
-
-
add threat intel feed data dao
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
add threatIntelEnabled field in detector.
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
add threat intel feed service and searching feeds
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
-
plug threat intel feed into detector creation
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Preliminary framework for jobscheduler and datasource (opensearch-pro…
…ject#626) Signed-off-by: Joanne Wang <jowg@amazon.com>
Commits on Oct 9, 2023
-
create doc level query from threat intel feed data index docs"
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Commits on Oct 10, 2023
-
add tests for testing threat intel feed integration with detectors
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Threat intel feeds job runner and unit tests (opensearch-project#654)
* fix doc level query constructor (opensearch-project#651) Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add mapping for indices storing threat intel feed data * fix feed indices mapping * add threat intel feed data dao Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add threatIntelEnabled field in detector. Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add threat intel feed service and searching feeds Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * ti feed data to doc level query convertor logic added * plug threat intel feed into detector creation Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * Preliminary framework for jobscheduler and datasource (opensearch-project#626) Signed-off-by: Joanne Wang <jowg@amazon.com> * with listener and processor Signed-off-by: Joanne Wang <jowg@amazon.com> * removed actions Signed-off-by: Joanne Wang <jowg@amazon.com> * clean up Signed-off-by: Joanne Wang <jowg@amazon.com> * added parser Signed-off-by: Joanne Wang <jowg@amazon.com> * add unit tests Signed-off-by: Joanne Wang <jowg@amazon.com> * refactored class names Signed-off-by: Joanne Wang <jowg@amazon.com> * before moving db Signed-off-by: Joanne Wang <jowg@amazon.com> * after moving db Signed-off-by: Joanne Wang <jowg@amazon.com> * added actions to plugin and removed user schedule Signed-off-by: Joanne Wang <jowg@amazon.com> * unit tests Signed-off-by: Joanne Wang <jowg@amazon.com> * fix build error Signed-off-by: Joanne Wang <jowg@amazon.com> * changed transport naming Signed-off-by: Joanne Wang <jowg@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> Signed-off-by: Joanne Wang <jowg@amazon.com> Co-authored-by: Surya Sashank Nistala <snistala@amazon.com>
Commits on Oct 11, 2023
-
converge job scheduler code with threat intel feed integration in det…
…ectors Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Signed-off-by: Joanne Wang <jowg@amazon.com>
-
Signed-off-by: Joanne Wang <jowg@amazon.com>
-
converge job scheduler and detector threat intel code
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
Commits on Oct 12, 2023
-
fixed the parser and build.gradle
Signed-off-by: Joanne Wang <jowg@amazon.com>
-
-
-
add threat intel feed data dao
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
add threatIntelEnabled field in detector.
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
add threat intel feed service and searching feeds
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
-
plug threat intel feed into detector creation
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Preliminary framework for jobscheduler and datasource (opensearch-pro…
…ject#626) Signed-off-by: Joanne Wang <jowg@amazon.com>
-
create doc level query from threat intel feed data index docs"
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
-
add tests for testing threat intel feed integration with detectors
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Threat intel feeds job runner and unit tests (opensearch-project#654)
* fix doc level query constructor (opensearch-project#651) Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add mapping for indices storing threat intel feed data * fix feed indices mapping * add threat intel feed data dao Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add threatIntelEnabled field in detector. Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add threat intel feed service and searching feeds Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * ti feed data to doc level query convertor logic added * plug threat intel feed into detector creation Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * Preliminary framework for jobscheduler and datasource (opensearch-project#626) Signed-off-by: Joanne Wang <jowg@amazon.com> * with listener and processor Signed-off-by: Joanne Wang <jowg@amazon.com> * removed actions Signed-off-by: Joanne Wang <jowg@amazon.com> * clean up Signed-off-by: Joanne Wang <jowg@amazon.com> * added parser Signed-off-by: Joanne Wang <jowg@amazon.com> * add unit tests Signed-off-by: Joanne Wang <jowg@amazon.com> * refactored class names Signed-off-by: Joanne Wang <jowg@amazon.com> * before moving db Signed-off-by: Joanne Wang <jowg@amazon.com> * after moving db Signed-off-by: Joanne Wang <jowg@amazon.com> * added actions to plugin and removed user schedule Signed-off-by: Joanne Wang <jowg@amazon.com> * unit tests Signed-off-by: Joanne Wang <jowg@amazon.com> * fix build error Signed-off-by: Joanne Wang <jowg@amazon.com> * changed transport naming Signed-off-by: Joanne Wang <jowg@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> Signed-off-by: Joanne Wang <jowg@amazon.com> Co-authored-by: Surya Sashank Nistala <snistala@amazon.com>
-
converge job scheduler code with threat intel feed integration in det…
…ectors Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
converge job scheduler and detector threat intel code
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
add feed metadata config files in src and test
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Signed-off-by: Joanne Wang <jowg@amazon.com>
Commits on Oct 13, 2023
-
update csv parser and new metadata field
Signed-off-by: Joanne Wang <jowg@amazon.com>
-
Merge branch 'feature/threat_intel_feeds' of https://github.com/opens…
…earch-project/security-analytics into threatIntelTest
-
fixed job scheduler interval settings
Signed-off-by: Joanne Wang <jowg@amazon.com>
Commits on Oct 16, 2023
-
add tests for ioc to fields for each log type
Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
-
Merge branch 'feature/threat_intel_feeds' into threatIntelTest
Signed-off-by: Joanne Wang <109310487+jowg-amazon@users.noreply.github.com>
-