|
93e7dcd529
|
Started FCC data ingestor
|
2024-12-01 21:36:33 -05:00 |
|
|
1fedeb2081
|
Added documentation to Meshtastic ingestor on how to collect MQTT evens in JSON
|
2024-11-30 18:20:53 -05:00 |
|
|
e38e0ec69b
|
Added mapping for Meshtastic MQTT events, improved payload processing
|
2024-11-30 18:17:12 -05:00 |
|
|
8ad57f9a5e
|
removed typings import
|
2024-11-30 02:29:08 -05:00 |
|
|
ad51f59a38
|
Added meshtastic & firehol ingestors
|
2024-11-30 02:27:12 -05:00 |
|
|
ff86784a53
|
Improved processing using the hidden -oD output for ndjson
|
2024-11-27 14:52:26 -05:00 |
|
|
16bc2aaa7f
|
RIR transfers ingestion fixed & tested
|
2024-11-24 00:13:37 -05:00 |
|
|
bd0c8baae3
|
Refactoring RIR ingestions
|
2024-11-22 01:18:28 -05:00 |
|
|
124e4b0cf3
|
ECS formatting added to eris, certstream ingestor now caches to prevent duplication, elastic connections properly closed now
|
2024-03-23 22:47:30 -04:00 |
|
|
510f7db07e
|
Fixed _doc to doc in record
|
2024-03-23 17:26:55 -04:00 |
|
|
c6204be8e1
|
Added more comments and thoughts
|
2024-03-23 15:31:15 -04:00 |
|
|
20ee3fcb0f
|
Added a comment about the methodology of determining the zone the data is from.
|
2024-03-23 14:48:45 -04:00 |
|
|
e74741c0ad
|
Updated example record comment under source to reflect on the new record structure
|
2024-03-23 14:46:44 -04:00 |
|
|
6983b8ebec
|
AXFR detection in zone file input, to determine if the data is form ICANN or an AXFR against a dns (for source tracking)
|
2024-03-23 14:42:51 -04:00 |
|
|
a53541c328
|
Added zone field too better querying on specific tlds/zones
|
2024-03-23 14:31:39 -04:00 |
|
|
78d7556f09
|
Records stored as a nested type for better querying, added source field so we can identify where the zone data derived (icann, axfr, breach, etc)
|
2024-03-23 13:46:38 -04:00 |
|
|
603d005a47
|
Added IXP ingestor, updated all other ingestors
|
2024-03-19 19:00:12 -04:00 |
|
|
24850ea976
|
Typo in pypi title
|
2024-03-15 01:26:55 -04:00 |
|
|
fe49255f69
|
Added elastic common schema (ecs) logging to file for ingesting eris logs straight into ES
|
2024-03-15 01:25:09 -04:00 |
|
|
1ab7199f7d
|
Certstream ingestor now only logs sub-domains since we already ingested zone files. Ignores www. and wildcard domains.
|
2024-03-13 22:34:20 -04:00 |
|
|
7f93a4d8de
|
add ingest_rir_transfers.py
|
2024-03-13 20:54:36 -04:00 |
|
|
4dc31a5090
|
RIR Transfers ingestor added
|
2024-03-13 20:51:53 -04:00 |
|
|
bd735ea8a7
|
Thats how you fucking do it. Delegations stored in ranges now for querying.
|
2024-03-12 21:20:34 -04:00 |
|
|
1864f08e4b
|
Fixed import error saying aiofiles instead of aiohttp
|
2024-03-12 18:23:52 -04:00 |
|
|
b1fa34f3aa
|
Added anomaly detection to RIR delegations ingestor
|
2024-03-12 18:19:47 -04:00 |
|
|
00711fe856
|
Created an ingestor for RIR delegations
|
2024-03-12 17:04:14 -04:00 |
|
|
6bb0d4eeef
|
Lowered reconnect time on certstream timeout
|
2024-03-12 00:44:17 -04:00 |
|
|
67c7e639a9
|
Renamed default_index to eris-certstream
|
2024-03-11 23:32:37 -04:00 |
|
|
1ad7d8a1d3
|
Fixed logger again
|
2024-03-11 23:30:48 -04:00 |
|
|
32d5c773e8
|
Fixed missing logging.handlers import
|
2024-03-11 23:07:35 -04:00 |
|
|
c3b9cb9e08
|
Fixed logger level
|
2024-03-11 23:06:25 -04:00 |
|
|
de3878ef6b
|
Removed _id from certstream yield and renamed ingest_certs.py to ingest_certstream.py
|
2024-03-11 22:46:48 -04:00 |
|
|
87f2cf27ea
|
Code cleanup
|
2024-03-11 22:33:18 -04:00 |
|
|
b018da4e4d
|
Full source commenting, uniformity in testing function, records stored as a list by default incase an IP address yields multiple PTR records
|
2024-03-11 19:18:03 -04:00 |
|
|
6c4ae3e988
|
Many bugs fixed in sniffer and async model.
|
2024-03-08 12:13:57 -05:00 |
|
|
d34aa105f1
|
Overall code cleanup
|
2024-03-08 00:07:26 -05:00 |
|
|
681e3bd788
|
Fixed issue with ingest_certs and the ingestion function signature. Simple placeholder argument (un-used) added to maintain function uniformity
|
2024-03-07 23:33:20 -05:00 |
|
|
45f878285c
|
Testing function added to every ingestor to debug directly. No more --dry-run needed.
|
2024-03-07 23:31:30 -05:00 |
|
|
b78b99e060
|
Changed yield to return when sentinal value is recieved through the FIFO
|
2024-03-07 22:57:59 -05:00 |
|
|
da065c6889
|
Added a testing function for calling the ingest_massdns.py file directly for debugging
|
2024-03-07 22:55:48 -05:00 |
|
|
3c98f8f1f1
|
MassDNS ingestion script now caches the previous record to support IP addresses that yield more than one PTR record (field turned into a list when +1). Records will now upsert so MassDNS can be streaming into ES 24/7=
|
2024-03-07 21:57:44 -05:00 |
|
|
9c6beb71ce
|
MassDNS ingestion script now caches the previous record to support IP addresses that yield more than one PTR record (field turned into a list when +1). Records will now upsert so MassDNS can be streaming into ES 24/7=
|
2024-03-07 21:57:10 -05:00 |
|
|
b15b3d8241
|
OCD about formatting again
|
2024-03-06 15:07:52 -05:00 |
|
|
fd617e3c9d
|
Certstream ingestion improved, still need to test stripping nulls and refactor the index mapping so we only store whats needed
|
2024-03-06 14:38:34 -05:00 |
|
|
90d6260b99
|
Updated massdns ingestion script with sentinal value checking and using the ip address as the document id
|
2024-03-06 14:33:21 -05:00 |
|
|
cba51ca2dd
|
Added a note about NSEC3 hash cracking for zone file data
|
2024-03-06 14:16:05 -05:00 |
|
|
654e4a8667
|
Zone file ingestion script now uses the same sentinal value as masscans ingestion, set document id as the domain name to allow updating records if they exist
|
2024-03-06 14:12:27 -05:00 |
|
|
84f124b23d
|
Masscan ingestion script updated to use ip:port as the document id to allow updating records that already exist. Added a sentinal value to trigger an EOF when using --watch with FIFO's
|
2024-03-06 13:26:45 -05:00 |
|
|
5a45be5c60
|
Updated cause I am OCD about spaces and formatting
|
2024-03-05 22:29:31 -05:00 |
|
|
598552d34f
|
Introduction paragraph descriving the project overview added, updated roadmap
|
2024-03-05 22:26:42 -05:00 |
|