~arx10/furemcape

Allow feeder to listen on multiple interfaces

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
Add 5 more actions to opensshd parser:

* disconnected from user
* accepted key ... found at
* read error with port
* kex exchange identification
* connect failed

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
relax execmem restrictions for feeder service tls

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
simple openssl ca scripts for feeder tls

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
Handle transformer system matches on dicts

by running match regex on stringified dict

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
Handle analyze_as_of config setting when date

or datetime object, in addition to string date/time

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
Add 2 more actions to opensshd parser:

* failed publickey
* received disconnect

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
add tls support to lumberjack feeder

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
initial lumberjack (logstash) feeder

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
open local port 9012 for ad-hoc feeder dev

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
open_sshd log pipeline

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
extract common util fns from analyzer processors

as well as basic include/exclude logic

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
add caching to not_seen_before analyzer processor

to skip when seen elements in hit before; and also skip when danger=0

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
add too_frequent analyzer processor

using `cachetools` package for `TTLCache`, with new shared
`HashableDict` object for creating hash keys from dicts

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
fix e2e tests to fail if run script fails

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
fix not_seen_before to handle cidr notation

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
fix docs canonical url to not include .html ext

see https://github.com/readthedocs/sphinx_rtd_theme/pull/285

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
update readme with docs and sourcehut links

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
docs for contributing and code of conduct

Signed-off-by: Justin Ludwig <justin@arcemtene.com>
docs custom.css

removing extra margin between list item and sublist

Signed-off-by: Justin Ludwig <justin@arcemtene.com>