tmanninger
tmanninger
I have the same issue :(
I uploaded 2 pcaps, one without client auth (which returns the correct ciphers) and one with client auth (which returns only TLSv1.3 ciphers) [sslscan_pcaps.zip](https://github.com/rbsec/sslscan/files/6613829/sslscan_pcaps.zip)
Any feedback?
the configuration with only the comments are also not working, the invalid json request is not blocked.
thanks for feedback! What does mean the "@" after the comment?
@willyborankin do you mean, the Sink should create the Template, Datastream and ISM policy? If i am using the the current internal sink with an index, i also must create...
> > @willyborankin do you mean, the Sink should create the Template, Datastream and ISM policy? If i am using the the current internal sink with an index, i also...
I will add some test cases.
I added a test for datastream and for an index. For both, i generate some audit logs and check the count of documents in the audit log index/datastream. Thank's ok?
I can create a new Sink named internal_opensearch_datastream - Create index template (name: auditlog_datastream) - Create datastream (name: auditlog , config option: plugins.security.audit.config.datastream) - Write audit logs to this datastream...