frantz45
frantz45
## Steps to reproduce Use exploit/solaris/ssh/pam_username_bof with a recent version of Metasploit. Target version (uname -a): SunOS solaris 5.10 Generic_147148-26 i86pc i386 i86pc ## Were you following a specific guide/tutorial...
## Expected Behavior The Stream rules tester should reflect the real behavior of how rules are checked ## Current Behavior The rules tester uses the indexed timestamp whereas rules checked...
Events from stream1 should occured **strictly** before/after those from stream2. If they happen at exactly the same time (milisecond) it will not trigger an Event. It should be documented in...
Actually the plugin has 2 threshold types (more/less than), 2 streams and multiple time conditions (any/before/after). It makes the code complex. Regarding the time conditions we could only keep before...
The actual algorithm is a double "for" loop to browse all events to check if conditions are satisfied at this specific timestamp. It consumes many resources, I think it could...
1. Create a list (for example the list "users" with 3 users : toto, tata, titi) 2. Create a COUNT rule with 2 conditions linked by an AND - 1st...
Currently when you clone a rule the notification is not cloned, especially the most important ones likes Body template and Split fields. (Tested in Wizard 5.1.3)
POST /api/plugins/com.airbus_cyber_security.graylog.wizard/alerts with the null value for the description field It will return a 400 Bad request: Cannot construct instance of [...], problem: Null getDescription [...] (This error happens when...
When I click on the Clone button nothing happens. Error in the Console: ``` Uncaught TypeError: this.refs.modal is undefined open AlertRuleCloneForm.jsx:61 _onClone AlertRuleList.jsx:145 s vendor.8a712d83b311029bb0b6.js:671 m vendor.8a712d83b311029bb0b6.js:671 W vendor.8a712d83b311029bb0b6.js:671 D...
https://github.com/airbus-cyber/graylog-plugin-alert-wizard/issues/74