Comments (1)
Hey @citnadxela,
So the explanation here is that we are alerting based on whats coming through in the logs. In the logs you will see that it reports each read (which for some files may take more then one read operation). This means we would see multiple alerts for the same file being opened.
We haven't added support to handle this nicely (yet!). You could add it by looking at the samba.py
file, and adding some logic to determine whether it is the same file (under SambaLogWatcher
and in handleLines
). This PR would be welcomed (and rewarded) 😋
from opencanary.
Related Issues (20)
- How to get modules to run with my own writing HOT 5
- Issue with the portscan feature, when running in docker. HOT 2
- error: command '/usr/bin/x86_64-linux-gnu-gcc' failed with exit code 1 HOT 3
- Missing quotes to "verify": False ? HOT 2
- question: Where to see the login( credentials) details? HOT 2
- Ubuntu - Autostart Service in Python Virtual Enviroment HOT 4
- SQLFactory does not log any activity HOT 1
- syslog utc timestamp data fields HOT 1
- New web Skin
- Opencanary send out alarms days after event HOT 4
- How can I downgrade RDP. py in version 0.9.0, as I would like it to be in version 0.4 of the Python 2.7 environment? HOT 3
- Feature Request: RDP full authentication flow HOT 1
- Splunk not ingesting opencanary.log HOT 2
- [BUG] Putty and Powershell ssh client not able to recognize this fake ssh service HOT 4
- [BUG] v0.91 Seems to have problem with Telnet (Tested on Ubuntu 20.04 and 22.04) HOT 3
- [BUG] v0.90 seems to log SSH as a port-scanning even with port-scanning disabled. HOT 2
- [BUG] nasLogin skin (&CSS) - does not work when reverse proxying the HTTP stack HOT 10
- Ability to customize/extend input filed names of http.skin form elements. HOT 5
- [BUG] portmap not being written to /var/tmp/opencanary.log HOT 13
- LLMNR Support? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from opencanary.