Skip to content

extend intel.log with additional fields using corelight/ExtendIntel (part 1) #502

New issue
New issue
Closed
Feature
Closed
extend intel.log with additional fields using corelight/ExtendIntel (part 1)#502
Feature
Assignees
mmguero
Labels
arkimeRelating to Malcolm's use of ArkimedashboardsRelating to Malcolm's OpenSearch Dashboards interfaceenhancementNew feature or requestexternalDepends on a bug or feature external to this projectintelRelated to integration with threat intel feedslogstashRelating to Malcolm's use of LogstashzeekRelating to Malcolm's use of Zeek
Milestone
v25.06.0
@mmguero

Description

@mmguero
mmguero
opened on Nov 19, 2024

We could be getting more useful information from our zeek intelligence matches, and this plugin can help us do that

Splitting this into two parts, one to get the plugin integrated and the basics listed above, and another one at a future time to further expand the usage of these new fields, see #695

Metadata

Metadata

Assignees

Labels

arkimeRelating to Malcolm's use of ArkimedashboardsRelating to Malcolm's OpenSearch Dashboards interfaceenhancementNew feature or requestexternalDepends on a bug or feature external to this projectintelRelated to integration with threat intel feedslogstashRelating to Malcolm's use of LogstashzeekRelating to Malcolm's use of Zeek

Type

Feature

Projects

Malcolm

Status

Released

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions