incident-response
Here are 190 public repositories matching this topic...
Bug / Feature Request
Work Environment
| Question | Answer |
|---|---|
| OS version (server) | Debian |
| OS version (client) | 10 |
| TheHive version / git hash | 4 RC1 |
| Package Type | DEB |
Problem Description
There are no longer any default dashboards
Possible Solutions
Add the default da
Probably not a new issue, as I've been following some resources, but I still need help. I would like to configure vulnerability detection on Windows and there is no documentation on the Wazuh portal for this. From what I've read so far you seem to be using the NVD database as a reference; can you please help me?
You can't add the event handler until the response app is up. But every time the container starts, ngrok creates a new random inbound port.
I couldn't figure out what order to do these things in, so I gave up.
One change we are seeing in our industry is the wider adoption of the belief that being able to distill an incident down to a single root cause is a myth[1][2]. As the complexities of our systems grow the complexities of our incidents grow, and trying to isolate an incident to one item doesn't result in the types of learnings we need to come out of those incidents.
The truth is that each incide
Hi,
When installing a new instance at @CSIRTMalta, it helped us a lot to create a diagram that shows all the important folders, users and their rights. We'd like to push it to Installation.md so that everyone can profit from it.
(There are multiple typos, like "lb" instead of "lib"; "intelmqv5" will become "human administrator", and "sudders" will become "sudoers".)
| Question | Answer |
|---|---|
| OS version (server) | Ubuntu |
| OS version (client) | 10 |
| Cortex version / git hash | Fresh install from DEB |
| Package Type | DEB |
| Browser type & version | Firefox |
Problem Description
After updating database in Cortex, when the create adminis
Artifact output is one or more tables with column names set by the VQL itself. It is often convenient to forward artifact output to additional systems and so it would be nice to develop some naming guidelines around columns.
Additionally it would be useful to develop a minimal set of columns to output so each row can be tagged in an external system (e.g. Elastic index).
This bug is to facili
Hi,
I am using docker-compose on Windows 7.
The postgres, rabbitmq and django application services build, but the nginx service has an error!

```yaml
nginx:
  volumes:
    - ./nginx_docker.conf:/etc/nginx/conf.d/default.conf
```

In this part "nginx_docker.conf" is not a directory, and I get the error "not a directory" when running the "docker-compose up" command.
What is your solution for my problem?
Feedback
Hi team,
I have noticed that the log examples found in 0610-win-ms_logs_rules.xml don't match their rules.
This is because the fields providerName and channel aren't correct.
To match rules 63103, 63104 and 63105, the logs must have matched before rules `60
This issue helps tracking TheHive4 documentation progress
- Hardware Pre-requisites in home page (cc @To-om)
- Installation Guide (cc @jeromeleonard)
- Migration guide (cc @To-om)
- Admin Guides
- Connectors (cc @To-om )
- Authentication
- Backup_restore
- Cassandra Security
- Clustering
- HTTPS
- User guides
- Quick
Need configurations for locally sourced CMDB IP / FQDN lookups. I don't have access to these systems so I need some community help for them!
Current List:
- ServiceNow
- AlienVault OCS
- SolarWinds
How can you help?
- Contribute to this list of nice to haves.
- Create a lookup request configuration to any of the items on this list (Check out the MISP configuration for best practic
Describe the bug
The following analyzers are missing cortexutils:
- SpamhausDBL
- ProofPoint
- TeamCymruMHR
- Umbrella
To Reproduce
```shell
find ./analyzers -name "requirements.txt" -print -exec cat {} \;
```
Complementary information
The current dependency installation implementation allowed this error to slip under the radar, but containerized analyzers did not have this critical depe
PRs to this repository are checked with a variety of tools. Having looked through this repository and the Developer's Guide (http://wiki.sleuthkit.org/index.php?title=Developer%27s_Guide), I can find no documentation about these tools and how to accommodate the associated tests on PRs. As such, several contributed PRs quite understandably fail these tests. Please add documentation to assist and en