├── .github ├── CONTRIBUTING.rst ├── ISSUE_TEMPLATE.md ├── PULL_REQUEST_TEMPLATE.md └── workflows │ └── ci.yml ├── .gitignore ├── .pylintrc ├── AUTHORS.rst ├── LICENSE ├── README.rst ├── Vagrantfile ├── conf ├── clusters │ └── prod.json ├── global.json ├── lambda.json ├── lookup_tables.json ├── normalized_types.json ├── outputs.json ├── scheduled_queries.json ├── schemas │ ├── aliyun.json │ ├── binaryalert.json │ ├── box.json │ ├── carbonblack.json │ ├── cloudtrail.json │ ├── cloudwatch.json │ ├── duo.json │ ├── fleet.json │ ├── ghe.json │ ├── gsuite.json │ ├── okta.json │ ├── onelogin.json │ ├── osquery.json │ ├── packetbeat.json │ ├── pan.json │ ├── slack.json │ ├── streamquery.json │ └── trendmicro.json └── threat_intel.json ├── constraints.txt ├── docs ├── Makefile ├── images │ ├── artifacts.png │ ├── athena-alerts-search.png │ ├── athena-data-search.png │ ├── cloudwatch_events.png │ ├── historical-search.png │ ├── join_search.png │ ├── normalization-arch.png │ ├── sa-banner.png │ ├── sa-complete-arch.png │ ├── sa-high-level-arch.png │ └── sa-square-logo-standalone.png ├── make.bat └── source │ ├── alternatives.rst │ ├── apps.rst │ ├── architecture.rst │ ├── conf-schemas-examples.rst │ ├── conf.py │ ├── config-clusters.rst │ ├── config-global.rst │ ├── config-schemas.rst │ ├── datasources.rst │ ├── datatypes.rst │ ├── deployment.rst │ ├── dynamic-outputs.rst │ ├── faq.rst │ ├── getting-started.rst │ ├── historical-search.rst │ ├── index.rst │ ├── lookup-tables.rst │ ├── metrics.rst │ ├── normalization.rst │ ├── outputs.rst │ ├── publishers.rst │ ├── rule-promotion.rst │ ├── rule-staging.rst │ ├── rules.rst │ ├── scheduled-queries.rst │ ├── testing.rst │ └── troubleshooting.rst ├── manage.py ├── matchers ├── __init__.py └── default.py ├── publishers ├── __init__.py ├── community │ ├── __init__.py │ ├── generic.py │ ├── pagerduty │ │ ├── __init__.py │ │ └── pagerduty_layout.py │ └── slack │ │ ├── __init__.py │ │ └── slack_layout.py └── sample │ ├── __init__.py │ 
└── sample_demisto.py ├── requirements-top-level.txt ├── requirements.txt ├── rules ├── __init__.py ├── classifier │ ├── aliyun │ │ └── aliyun_actiontrail.json │ ├── box │ │ └── box_admin_events.json │ ├── cloudtrail │ │ ├── cloudtrail_events.json │ │ └── cloudtrail_insights.json │ ├── cloudwatch │ │ ├── cloudwatch_cloudtrail.json │ │ ├── cloudwatch_control_message.json │ │ └── cloudwatch_rds_aurora.json │ ├── gsuite │ │ └── gsuite_reports.json │ ├── osquery │ │ └── osquery_snapshot.json │ ├── packbeat │ │ ├── packetbeat_dns.json │ │ └── packetbeat_flow.json │ └── slack │ │ ├── slack_access.json │ │ └── slack_integration.json ├── community │ ├── __init__.py │ ├── binaryalert │ │ ├── __init__.py │ │ ├── binaryalert_yara_match.json │ │ └── binaryalert_yara_match.py │ ├── cloudtrail │ │ ├── cloudtrail_aws_config.json │ │ └── cloudtrail_aws_config.py │ ├── cloudwatch_events │ │ ├── __init__.py │ │ ├── cloudtrail_critical_api_calls.json │ │ ├── cloudtrail_critical_api_calls.py │ │ ├── cloudtrail_ec2_image_creation.json │ │ ├── cloudtrail_ec2_image_creation.py │ │ ├── cloudtrail_mfa_policy_abuse_attempt.json │ │ ├── cloudtrail_mfa_policy_abuse_attempt.py │ │ ├── cloudtrail_network_acl_ingress_anywhere.json │ │ ├── cloudtrail_network_acl_ingress_anywhere.py │ │ ├── cloudtrail_public_resources.json │ │ ├── cloudtrail_public_resources.py │ │ ├── cloudtrail_put_bucket_acl.json │ │ ├── cloudtrail_put_bucket_acl.py │ │ ├── cloudtrail_put_object_acl_public.json │ │ ├── cloudtrail_put_object_acl_public.py │ │ ├── cloudtrail_put_object_acl_public_publisher_example.json │ │ ├── cloudtrail_put_object_acl_public_publisher_example.py │ │ ├── cloudtrail_root_account_usage.json │ │ ├── cloudtrail_root_account_usage.py │ │ ├── cloudtrail_security_group_ingress_anywhere.json │ │ ├── cloudtrail_security_group_ingress_anywhere.py │ │ ├── cloudtrail_snapshot_or_ami_made_public.json │ │ └── cloudtrail_snapshot_or_ami_made_public.py │ ├── duo_administrator │ │ ├── __init__.py │ │ ├── 
duo_bypass_code_create_non_auto_generated.json │ │ ├── duo_bypass_code_create_non_auto_generated.py │ │ ├── duo_bypass_code_create_non_expiring.json │ │ ├── duo_bypass_code_create_non_expiring.py │ │ ├── duo_bypass_code_create_unlimited_use.json │ │ └── duo_bypass_code_create_unlimited_use.py │ ├── duo_authentication │ │ ├── __init__.py │ │ ├── duo_anonymous_ip_failure.json │ │ ├── duo_anonymous_ip_failure.py │ │ ├── duo_fraud.json │ │ ├── duo_fraud.py │ │ ├── duo_lookup_tables_example.json │ │ └── duo_lookup_tables_example.py │ ├── fleet │ │ ├── __init__.py │ │ ├── fleet_bad_action.json │ │ └── fleet_bad_action.py │ ├── github │ │ ├── __init__.py │ │ ├── github_disable_dismiss_stale_pull_request_approvals.json │ │ ├── github_disable_dismiss_stale_pull_request_approvals.py │ │ ├── github_disable_protect_this_branch.json │ │ ├── github_disable_protect_this_branch.py │ │ ├── github_disable_required_pull_request_reviews.json │ │ ├── github_disable_required_pull_request_reviews.py │ │ ├── github_disable_required_status_checks.json │ │ ├── github_disable_required_status_checks.py │ │ ├── github_disable_two_factor_requirement_org.json │ │ ├── github_disable_two_factor_requirement_org.py │ │ ├── github_disable_two_factor_requirement_user.json │ │ ├── github_disable_two_factor_requirement_user.py │ │ ├── github_oauth_application_create.json │ │ ├── github_oauth_application_create.py │ │ ├── github_site_admin_action.json │ │ ├── github_site_admin_action.py │ │ ├── github_site_admin_user_promotion.json │ │ └── github_site_admin_user_promotion.py │ ├── guardduty │ │ ├── __init__.py │ │ ├── guard_duty_all.json │ │ └── guard_duty_all.py │ ├── mitre_attack │ │ ├── __init__.py │ │ └── defense_evasion │ │ │ ├── __init__.py │ │ │ └── multi │ │ │ ├── __init__.py │ │ │ └── obfuscated_files_or_information │ │ │ ├── __init__.py │ │ │ ├── right_to_left_character.json │ │ │ └── right_to_left_character.py │ ├── okta │ │ ├── __init__.py │ │ └── okta_new_login.json │ ├── onelogin │ │ ├── 
__init__.py │ │ ├── onelogin_events_assumed_role.json │ │ ├── onelogin_events_assumed_role.py │ │ ├── onelogin_events_threat_intel_example.json │ │ └── onelogin_events_threat_intel_example.py │ ├── osquery │ │ ├── __init__.py │ │ ├── ssh_login_activity.json │ │ └── ssh_login_activity.py │ ├── packetbeat │ │ ├── __init__.py │ │ ├── packetbeat_blacklisted_domain.json │ │ ├── packetbeat_blacklisted_domain.py │ │ ├── packetbeat_blacklisted_ip.json │ │ ├── packetbeat_blacklisted_ip.py │ │ ├── packetbeat_dns_lookup.json │ │ └── packetbeat_dns_lookup.py │ └── trendmicro │ │ ├── __init__.py │ │ ├── trendmicro_malware_event.json │ │ └── trendmicro_malware_event.py ├── default │ └── __init__.py ├── helpers │ ├── __init__.py │ └── base.py └── sample │ ├── __init__.py │ ├── sample_demisto.json │ └── sample_demisto.py ├── scheduled_queries ├── __init__.py └── sample │ ├── __init__.py │ └── athena.py ├── setup.cfg ├── streamalert ├── __init__.py ├── alert_merger │ ├── __init__.py │ └── main.py ├── alert_processor │ ├── __init__.py │ ├── helpers.py │ ├── main.py │ └── outputs │ │ ├── __init__.py │ │ ├── aws.py │ │ ├── carbonblack.py │ │ ├── credentials │ │ ├── __init__.py │ │ └── provider.py │ │ ├── demisto.py │ │ ├── github.py │ │ ├── jira.py │ │ ├── jira_v2.py │ │ ├── komand.py │ │ ├── output_base.py │ │ ├── pagerduty.py │ │ ├── phantom.py │ │ ├── slack.py │ │ ├── teams.py │ │ └── victorops.py ├── apps │ ├── __init__.py │ ├── _apps │ │ ├── README.rst │ │ ├── __init__.py │ │ ├── aliyun.py │ │ ├── box.py │ │ ├── duo.py │ │ ├── gsuite.py │ │ ├── intercom.py │ │ ├── onelogin.py │ │ ├── salesforce.py │ │ └── slack.py │ ├── app_base.py │ ├── batcher.py │ ├── config.py │ ├── exceptions.py │ └── main.py ├── athena_partitioner │ ├── __init__.py │ └── main.py ├── classifier │ ├── __init__.py │ ├── classifier.py │ ├── clients │ │ ├── __init__.py │ │ └── sqs.py │ ├── main.py │ ├── parsers.py │ └── payload │ │ ├── __init__.py │ │ ├── apps.py │ │ ├── kinesis.py │ │ ├── payload_base.py │ │ 
├── s3.py │ │ └── sns.py ├── rule_promotion │ ├── __init__.py │ ├── main.py │ ├── promoter.py │ ├── publisher.py │ └── statistic.py ├── rules_engine │ ├── __init__.py │ ├── alert_forwarder.py │ ├── main.py │ ├── rules_engine.py │ └── threat_intel.py ├── scheduled_queries │ ├── __init__.py │ ├── command │ │ ├── __init__.py │ │ ├── application.py │ │ └── processor.py │ ├── config │ │ ├── __init__.py │ │ ├── lambda_conf.py │ │ └── services.py │ ├── container │ │ ├── __init__.py │ │ └── container.py │ ├── handlers │ │ ├── __init__.py │ │ └── athena.py │ ├── main.py │ ├── query_packs │ │ ├── __init__.py │ │ ├── configuration.py │ │ ├── manager.py │ │ └── parameters.py │ ├── state │ │ ├── __init__.py │ │ └── state_manager.py │ ├── streamalert │ │ ├── __init__.py │ │ └── kinesis.py │ └── support │ │ ├── __init__.py │ │ └── clock.py ├── shared │ ├── __init__.py │ ├── alert.py │ ├── alert_table.py │ ├── artifact_extractor.py │ ├── athena.py │ ├── backoff_handlers.py │ ├── config.py │ ├── description.py │ ├── exceptions.py │ ├── firehose.py │ ├── helpers │ │ ├── __init__.py │ │ ├── aws_api_client.py │ │ ├── boto.py │ │ └── dynamodb.py │ ├── importer.py │ ├── logger.py │ ├── lookup_tables │ │ ├── __init__.py │ │ ├── cache.py │ │ ├── configuration.py │ │ ├── core.py │ │ ├── driver_dynamodb.py │ │ ├── driver_s3.py │ │ ├── drivers.py │ │ ├── drivers_factory.py │ │ ├── errors.py │ │ ├── table.py │ │ └── utils.py │ ├── metrics.py │ ├── normalize.py │ ├── publisher.py │ ├── resources.py │ ├── rule.py │ ├── rule_table.py │ ├── stats.py │ └── utils.py └── threat_intel_downloader │ ├── __init__.py │ ├── exceptions.py │ └── main.py ├── streamalert_cli ├── __init__.py ├── _infrastructure │ ├── _include.tf │ ├── _providers.tf │ ├── _variables.tf │ └── modules │ │ ├── tf_alert_merger_iam │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_alert_processor_iam │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_app_iam │ │ ├── README.md │ │ ├── main.tf │ │ └── 
variables.tf │ │ ├── tf_artifact_extractor │ │ ├── iam.tf │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_athena │ │ ├── README.md │ │ ├── iam.tf │ │ ├── kms.tf │ │ ├── main.tf │ │ ├── outputs.tf │ │ └── variables.tf │ │ ├── tf_classifier │ │ ├── README.md │ │ ├── firehose.tf │ │ ├── iam.tf │ │ ├── sns.tf │ │ └── variables.tf │ │ ├── tf_cloudtrail │ │ ├── README.md │ │ ├── main.tf │ │ ├── modules │ │ │ └── tf_cloudtrail_cloudwatch │ │ │ │ ├── README.md │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ └── variables.tf │ │ ├── tf_cloudwatch_events │ │ ├── README.md │ │ ├── cross_account │ │ │ ├── README.md │ │ │ ├── main.tf │ │ │ └── variables.tf │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_cloudwatch_logs_destination │ │ ├── README.md │ │ ├── iam.tf │ │ ├── modules │ │ │ └── destination │ │ │ │ ├── iam.tf │ │ │ │ ├── main.tf │ │ │ │ ├── output.tf │ │ │ │ └── variables.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── tf_flow_logs │ │ ├── README.md │ │ ├── iam.tf │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── tf_globals │ │ ├── README.md │ │ ├── alerts_firehose │ │ │ ├── iam.tf │ │ │ ├── main.tf │ │ │ └── variables.tf │ │ ├── classifier_queue │ │ │ ├── iam.tf │ │ │ ├── kms.tf │ │ │ ├── output.tf │ │ │ ├── sqs.tf │ │ │ └── variables.tf │ │ ├── lambda_layers │ │ │ ├── README.rst │ │ │ ├── aliyun-python-sdk-actiontrail==2.0.0_dependencies.zip │ │ │ └── boxsdk[jwt]==2.9.0_dependencies.zip │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── tf_kinesis_events │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_kinesis_firehose_delivery_stream │ │ ├── README.md │ │ ├── main.tf │ │ ├── outputs.tf │ │ └── variables.tf │ │ ├── tf_kinesis_firehose_setup │ │ ├── README.md │ │ ├── iam.tf │ │ ├── main.tf │ │ ├── outputs.tf │ │ └── variables.tf │ │ ├── tf_kinesis_streams │ │ ├── README.md │ │ ├── iam.tf │ │ ├── main.tf │ │ ├── outputs.tf │ │ └── variables.tf │ │ ├── tf_lambda │ │ ├── README.md │ │ ├── cloudwatch.tf │ 
│ ├── iam.tf │ │ ├── main.tf │ │ ├── output.tf │ │ └── variables.tf │ │ ├── tf_lookup_tables_dynamodb │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_lookup_tables_policy │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_lookup_tables_s3 │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_metric_alarms │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_metric_filters │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_monitoring │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_rule_promotion_iam │ │ ├── README.md │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_rules_engine │ │ ├── README.md │ │ ├── iam.tf │ │ ├── lambda.tf │ │ └── variables.tf │ │ ├── tf_s3_events │ │ ├── main.tf │ │ └── variables.tf │ │ ├── tf_scheduled_queries │ │ ├── cloudwatch_schedule.tf │ │ ├── iam_roles.tf │ │ ├── lambda.tf │ │ ├── outputs.tf │ │ ├── step_function.tf │ │ └── variables.tf │ │ └── tf_threat_intel_downloader │ │ ├── README.md │ │ ├── dynamodb.tf │ │ ├── iam.tf │ │ └── variables.tf ├── apps │ ├── __init__.py │ ├── handler.py │ └── helpers.py ├── athena │ ├── __init__.py │ ├── handler.py │ └── helpers.py ├── config.py ├── configure │ ├── __init__.py │ └── handler.py ├── helpers.py ├── kinesis │ ├── __init__.py │ └── handler.py ├── logger.py ├── lookup_tables │ ├── __init__.py │ └── handler.py ├── manage_lambda │ ├── __init__.py │ ├── deploy.py │ ├── package.py │ └── rollback.py ├── metrics_alarms │ ├── __init__.py │ └── handler.py ├── outputs │ ├── __init__.py │ ├── handler.py │ └── helpers.py ├── rule_table.py ├── runner.py ├── status │ ├── __init__.py │ └── handler.py ├── terraform │ ├── __init__.py │ ├── alert_merger.py │ ├── alert_processor.py │ ├── apps.py │ ├── artifact_extractor.py │ ├── athena.py │ ├── classifier.py │ ├── cloudtrail.py │ ├── cloudwatch_destinations.py │ ├── cloudwatch_events.py │ ├── common.py │ ├── firehose.py │ ├── flow_logs.py │ ├── generate.py │ ├── handlers.py │ ├── 
helpers.py │ ├── kinesis_events.py │ ├── kinesis_streams.py │ ├── lambda_module.py │ ├── metrics.py │ ├── monitoring.py │ ├── rule_promotion.py │ ├── rules_engine.py │ ├── s3_events.py │ ├── scheduled_queries.py │ └── threat_intel_downloader.py ├── test │ ├── __init__.py │ ├── event.py │ ├── event_file.py │ ├── format.py │ ├── handler.py │ ├── mocks.py │ └── results.py ├── threat_intel │ ├── __init__.py │ └── handler.py ├── threat_intel_downloader │ ├── __init__.py │ └── handler.py └── utils.py ├── tests ├── __init__.py ├── scripts │ ├── autoflake.sh │ ├── autopep8.sh │ ├── covreport.sh │ ├── pylint.sh │ ├── rule_test.sh │ ├── sort_configs.py │ ├── test_the_docs.sh │ ├── unit_tests.sh │ └── update_reqs.sh └── unit │ ├── __init__.py │ ├── conf │ ├── clusters │ │ ├── advanced.json │ │ ├── test.json │ │ └── trusted.json │ ├── global.json │ ├── lambda.json │ ├── logs.json │ ├── lookup_tables.json │ ├── normalized_types.json │ ├── outputs.json │ ├── scheduled_queries.json │ └── threat_intel.json │ ├── conf_athena │ ├── clusters │ │ └── test.json │ ├── global.json │ ├── lambda.json │ └── schemas │ │ └── unit_test_schemas.json │ ├── helpers │ ├── __init__.py │ ├── aws_mocks.py │ ├── base.py │ ├── config.py │ └── mocks.py │ ├── streamalert │ ├── __init__.py │ ├── alert_merger │ │ ├── __init__.py │ │ └── test_main.py │ ├── alert_processor │ │ ├── __init__.py │ │ ├── helpers.py │ │ ├── outputs │ │ │ ├── __init__.py │ │ │ ├── credentials │ │ │ │ ├── __init__.py │ │ │ │ └── test_provider.py │ │ │ ├── test_aws.py │ │ │ ├── test_carbonblack.py │ │ │ ├── test_demisto.py │ │ │ ├── test_github.py │ │ │ ├── test_jira.py │ │ │ ├── test_jira_v2.py │ │ │ ├── test_komand.py │ │ │ ├── test_output_base.py │ │ │ ├── test_pagerduty.py │ │ │ ├── test_phantom.py │ │ │ ├── test_slack.py │ │ │ └── test_teams.py │ │ ├── test_helpers.py │ │ └── test_main.py │ ├── apps │ │ ├── __init__.py │ │ ├── test_apps │ │ │ ├── __init__.py │ │ │ ├── test_aliyun.py │ │ │ ├── test_app_base.py │ │ │ ├── 
test_box.py │ │ │ ├── test_duo.py │ │ │ ├── test_gsuite.py │ │ │ ├── test_intercom.py │ │ │ ├── test_onelogin.py │ │ │ ├── test_salesforce.py │ │ │ └── test_slack.py │ │ ├── test_batcher.py │ │ ├── test_config.py │ │ ├── test_helpers.py │ │ └── test_main.py │ ├── athena_partitioner │ │ ├── __init__.py │ │ └── test_main.py │ ├── classifier │ │ ├── __init__.py │ │ ├── clients │ │ │ ├── __init__.py │ │ │ └── test_sqs.py │ │ ├── payload │ │ │ ├── __init__.py │ │ │ ├── test_payload_apps.py │ │ │ ├── test_payload_base.py │ │ │ ├── test_payload_kinesis.py │ │ │ ├── test_payload_record.py │ │ │ ├── test_payload_s3.py │ │ │ └── test_payload_sns.py │ │ ├── test_classifier.py │ │ ├── test_parsers_base.py │ │ ├── test_parsers_csv.py │ │ ├── test_parsers_json.py │ │ ├── test_parsers_kv.py │ │ └── test_parsers_syslog.py │ ├── rule_promotion │ │ ├── __init__.py │ │ ├── test_promoter.py │ │ ├── test_publisher.py │ │ └── test_statistic.py │ ├── rules_engine │ │ ├── __init__.py │ │ ├── test_alerter.py │ │ ├── test_rules_engine.py │ │ └── test_threat_intel.py │ ├── scheduled_queries │ │ ├── __init__.py │ │ ├── command │ │ │ ├── __init__.py │ │ │ └── test_processor.py │ │ ├── container │ │ │ ├── __init__.py │ │ │ └── test_container.py │ │ ├── handlers │ │ │ ├── __init__.py │ │ │ └── test_athena.py │ │ ├── query_packs │ │ │ ├── __init__.py │ │ │ ├── test_configuration.py │ │ │ └── test_manager.py │ │ ├── state │ │ │ ├── .gitignore │ │ │ ├── __init__.py │ │ │ └── test_state_manager.py │ │ └── streamalert │ │ │ ├── __init__.py │ │ │ └── test_kinesis.py │ ├── shared │ │ ├── __init__.py │ │ ├── lookup_tables │ │ │ ├── __init__.py │ │ │ ├── test_cache.py │ │ │ ├── test_configuration.py │ │ │ ├── test_core.py │ │ │ ├── test_driver.py │ │ │ ├── test_driver_dynamodb.py │ │ │ ├── test_driver_s3.py │ │ │ └── test_table.py │ │ ├── test_alert.py │ │ ├── test_alert_table.py │ │ ├── test_artifact_extractor.py │ │ ├── test_athena.py │ │ ├── test_aws_api_client.py │ │ ├── test_backoff_handlers.py │ │ 
├── test_config.py │ │ ├── test_description.py │ │ ├── test_firehose.py │ │ ├── test_importer.py │ │ ├── test_logger.py │ │ ├── test_metrics.py │ │ ├── test_normalizer.py │ │ ├── test_publisher.py │ │ ├── test_resources.py │ │ ├── test_rule.py │ │ ├── test_rule_table.py │ │ ├── test_stats.py │ │ └── test_utils.py │ └── threat_intel_downloader │ │ ├── __init__.py │ │ ├── test_helpers.py │ │ └── test_main.py │ └── streamalert_cli │ ├── __init__.py │ ├── athena │ ├── __init__.py │ ├── test_handler.py │ └── test_helpers.py │ ├── manage_lambda │ ├── __init__.py │ ├── test_deploy.py │ ├── test_package.py │ └── test_rollback.py │ ├── terraform │ ├── __init__.py │ ├── test_alert_processor.py │ ├── test_artifact_extractor.py │ ├── test_athena.py │ ├── test_firehose.py │ ├── test_generate.py │ ├── test_generate_classifier.py │ ├── test_generate_rules_engine.py │ ├── test_handlers.py │ ├── test_kinesis_events.py │ ├── test_kinesis_streams.py │ ├── test_monitoring.py │ ├── test_rule_promotion.py │ ├── test_s3_events.py │ └── test_scheduled_queries.py │ ├── test │ ├── __init__.py │ ├── helpers.py │ ├── test_event.py │ ├── test_event_file.py │ └── test_handler.py │ ├── test_cli_config.py │ └── test_helpers.py └── vagrant └── cli ├── python-virtualenvwrapper ├── configure.sh └── install.sh ├── streamalert ├── configure.sh ├── install.sh └── sshd_config └── terraform └── install.sh /.github/CONTRIBUTING.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.github/CONTRIBUTING.rst -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.github/ISSUE_TEMPLATE.md -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.github/PULL_REQUEST_TEMPLATE.md -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.github/workflows/ci.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.gitignore -------------------------------------------------------------------------------- /.pylintrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/.pylintrc -------------------------------------------------------------------------------- /AUTHORS.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/AUTHORS.rst -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/LICENSE -------------------------------------------------------------------------------- /README.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/README.rst -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/Vagrantfile -------------------------------------------------------------------------------- 
/conf/clusters/prod.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/clusters/prod.json -------------------------------------------------------------------------------- /conf/global.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/global.json -------------------------------------------------------------------------------- /conf/lambda.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/lambda.json -------------------------------------------------------------------------------- /conf/lookup_tables.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/lookup_tables.json -------------------------------------------------------------------------------- /conf/normalized_types.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/normalized_types.json -------------------------------------------------------------------------------- /conf/outputs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/outputs.json -------------------------------------------------------------------------------- /conf/scheduled_queries.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/scheduled_queries.json -------------------------------------------------------------------------------- /conf/schemas/aliyun.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/aliyun.json -------------------------------------------------------------------------------- /conf/schemas/binaryalert.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/binaryalert.json -------------------------------------------------------------------------------- /conf/schemas/box.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/box.json -------------------------------------------------------------------------------- /conf/schemas/carbonblack.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/carbonblack.json -------------------------------------------------------------------------------- /conf/schemas/cloudtrail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/cloudtrail.json -------------------------------------------------------------------------------- /conf/schemas/cloudwatch.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/cloudwatch.json -------------------------------------------------------------------------------- /conf/schemas/duo.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/duo.json -------------------------------------------------------------------------------- /conf/schemas/fleet.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/fleet.json -------------------------------------------------------------------------------- /conf/schemas/ghe.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/ghe.json -------------------------------------------------------------------------------- /conf/schemas/gsuite.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/gsuite.json -------------------------------------------------------------------------------- /conf/schemas/okta.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/okta.json -------------------------------------------------------------------------------- /conf/schemas/onelogin.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/onelogin.json -------------------------------------------------------------------------------- /conf/schemas/osquery.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/osquery.json -------------------------------------------------------------------------------- /conf/schemas/packetbeat.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/packetbeat.json -------------------------------------------------------------------------------- /conf/schemas/pan.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/pan.json 
-------------------------------------------------------------------------------- /conf/schemas/slack.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/slack.json -------------------------------------------------------------------------------- /conf/schemas/streamquery.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/streamquery.json -------------------------------------------------------------------------------- /conf/schemas/trendmicro.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/schemas/trendmicro.json -------------------------------------------------------------------------------- /conf/threat_intel.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/conf/threat_intel.json -------------------------------------------------------------------------------- /constraints.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/constraints.txt -------------------------------------------------------------------------------- /docs/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/Makefile -------------------------------------------------------------------------------- /docs/images/artifacts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/artifacts.png -------------------------------------------------------------------------------- /docs/images/athena-alerts-search.png: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/athena-alerts-search.png -------------------------------------------------------------------------------- /docs/images/athena-data-search.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/athena-data-search.png -------------------------------------------------------------------------------- /docs/images/cloudwatch_events.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/cloudwatch_events.png -------------------------------------------------------------------------------- /docs/images/historical-search.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/historical-search.png -------------------------------------------------------------------------------- /docs/images/join_search.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/join_search.png -------------------------------------------------------------------------------- /docs/images/normalization-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/normalization-arch.png -------------------------------------------------------------------------------- /docs/images/sa-banner.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/sa-banner.png -------------------------------------------------------------------------------- 
/docs/images/sa-complete-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/sa-complete-arch.png -------------------------------------------------------------------------------- /docs/images/sa-high-level-arch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/sa-high-level-arch.png -------------------------------------------------------------------------------- /docs/images/sa-square-logo-standalone.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/images/sa-square-logo-standalone.png -------------------------------------------------------------------------------- /docs/make.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/make.bat -------------------------------------------------------------------------------- /docs/source/alternatives.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/alternatives.rst -------------------------------------------------------------------------------- /docs/source/apps.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/apps.rst -------------------------------------------------------------------------------- /docs/source/architecture.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/architecture.rst -------------------------------------------------------------------------------- /docs/source/conf-schemas-examples.rst: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/conf-schemas-examples.rst -------------------------------------------------------------------------------- /docs/source/conf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/conf.py -------------------------------------------------------------------------------- /docs/source/config-clusters.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/config-clusters.rst -------------------------------------------------------------------------------- /docs/source/config-global.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/config-global.rst -------------------------------------------------------------------------------- /docs/source/config-schemas.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/config-schemas.rst -------------------------------------------------------------------------------- /docs/source/datasources.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/datasources.rst -------------------------------------------------------------------------------- /docs/source/datatypes.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/datatypes.rst -------------------------------------------------------------------------------- /docs/source/deployment.rst: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/deployment.rst -------------------------------------------------------------------------------- /docs/source/dynamic-outputs.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/dynamic-outputs.rst -------------------------------------------------------------------------------- /docs/source/faq.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/faq.rst -------------------------------------------------------------------------------- /docs/source/getting-started.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/getting-started.rst -------------------------------------------------------------------------------- /docs/source/historical-search.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/historical-search.rst -------------------------------------------------------------------------------- /docs/source/index.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/index.rst -------------------------------------------------------------------------------- /docs/source/lookup-tables.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/lookup-tables.rst -------------------------------------------------------------------------------- /docs/source/metrics.rst: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/metrics.rst -------------------------------------------------------------------------------- /docs/source/normalization.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/normalization.rst -------------------------------------------------------------------------------- /docs/source/outputs.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/outputs.rst -------------------------------------------------------------------------------- /docs/source/publishers.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/publishers.rst -------------------------------------------------------------------------------- /docs/source/rule-promotion.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/rule-promotion.rst -------------------------------------------------------------------------------- /docs/source/rule-staging.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/rule-staging.rst -------------------------------------------------------------------------------- /docs/source/rules.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/rules.rst -------------------------------------------------------------------------------- /docs/source/scheduled-queries.rst: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/scheduled-queries.rst -------------------------------------------------------------------------------- /docs/source/testing.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/testing.rst -------------------------------------------------------------------------------- /docs/source/troubleshooting.rst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/docs/source/troubleshooting.rst -------------------------------------------------------------------------------- /manage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/manage.py -------------------------------------------------------------------------------- /matchers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /matchers/default.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/matchers/default.py -------------------------------------------------------------------------------- /publishers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /publishers/community/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /publishers/community/generic.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/publishers/community/generic.py -------------------------------------------------------------------------------- /publishers/community/pagerduty/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /publishers/community/pagerduty/pagerduty_layout.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/publishers/community/pagerduty/pagerduty_layout.py -------------------------------------------------------------------------------- /publishers/community/slack/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /publishers/community/slack/slack_layout.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/publishers/community/slack/slack_layout.py -------------------------------------------------------------------------------- /publishers/sample/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /publishers/sample/sample_demisto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/publishers/sample/sample_demisto.py -------------------------------------------------------------------------------- /requirements-top-level.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/requirements-top-level.txt 
-------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/requirements.txt -------------------------------------------------------------------------------- /rules/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/classifier/aliyun/aliyun_actiontrail.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/aliyun/aliyun_actiontrail.json -------------------------------------------------------------------------------- /rules/classifier/box/box_admin_events.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/box/box_admin_events.json -------------------------------------------------------------------------------- /rules/classifier/cloudtrail/cloudtrail_events.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/cloudtrail/cloudtrail_events.json -------------------------------------------------------------------------------- /rules/classifier/cloudtrail/cloudtrail_insights.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/cloudtrail/cloudtrail_insights.json -------------------------------------------------------------------------------- /rules/classifier/cloudwatch/cloudwatch_cloudtrail.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/cloudwatch/cloudwatch_cloudtrail.json -------------------------------------------------------------------------------- /rules/classifier/cloudwatch/cloudwatch_control_message.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/cloudwatch/cloudwatch_control_message.json -------------------------------------------------------------------------------- /rules/classifier/cloudwatch/cloudwatch_rds_aurora.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/cloudwatch/cloudwatch_rds_aurora.json -------------------------------------------------------------------------------- /rules/classifier/gsuite/gsuite_reports.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/gsuite/gsuite_reports.json -------------------------------------------------------------------------------- /rules/classifier/osquery/osquery_snapshot.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/osquery/osquery_snapshot.json -------------------------------------------------------------------------------- /rules/classifier/packbeat/packetbeat_dns.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/packbeat/packetbeat_dns.json -------------------------------------------------------------------------------- /rules/classifier/packbeat/packetbeat_flow.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/packbeat/packetbeat_flow.json -------------------------------------------------------------------------------- /rules/classifier/slack/slack_access.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/slack/slack_access.json -------------------------------------------------------------------------------- /rules/classifier/slack/slack_integration.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/classifier/slack/slack_integration.json -------------------------------------------------------------------------------- /rules/community/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/binaryalert/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/binaryalert/binaryalert_yara_match.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/binaryalert/binaryalert_yara_match.json -------------------------------------------------------------------------------- /rules/community/binaryalert/binaryalert_yara_match.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/binaryalert/binaryalert_yara_match.py -------------------------------------------------------------------------------- /rules/community/cloudtrail/cloudtrail_aws_config.json: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudtrail/cloudtrail_aws_config.json -------------------------------------------------------------------------------- /rules/community/cloudtrail/cloudtrail_aws_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudtrail/cloudtrail_aws_config.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_critical_api_calls.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_critical_api_calls.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_critical_api_calls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_critical_api_calls.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_ec2_image_creation.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_ec2_image_creation.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_ec2_image_creation.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_ec2_image_creation.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_mfa_policy_abuse_attempt.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_mfa_policy_abuse_attempt.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_mfa_policy_abuse_attempt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_mfa_policy_abuse_attempt.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_network_acl_ingress_anywhere.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_network_acl_ingress_anywhere.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_network_acl_ingress_anywhere.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_network_acl_ingress_anywhere.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_public_resources.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_public_resources.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_public_resources.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_public_resources.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_put_bucket_acl.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_bucket_acl.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_put_bucket_acl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_bucket_acl.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_put_object_acl_public.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_object_acl_public.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_put_object_acl_public.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_object_acl_public.py -------------------------------------------------------------------------------- 
/rules/community/cloudwatch_events/cloudtrail_put_object_acl_public_publisher_example.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_object_acl_public_publisher_example.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_put_object_acl_public_publisher_example.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_put_object_acl_public_publisher_example.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_root_account_usage.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_root_account_usage.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_root_account_usage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_root_account_usage.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_security_group_ingress_anywhere.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_security_group_ingress_anywhere.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_security_group_ingress_anywhere.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_security_group_ingress_anywhere.py -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_snapshot_or_ami_made_public.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_snapshot_or_ami_made_public.json -------------------------------------------------------------------------------- /rules/community/cloudwatch_events/cloudtrail_snapshot_or_ami_made_public.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/cloudwatch_events/cloudtrail_snapshot_or_ami_made_public.py -------------------------------------------------------------------------------- /rules/community/duo_administrator/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_non_auto_generated.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_non_auto_generated.json -------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_non_auto_generated.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_non_auto_generated.py 
-------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_non_expiring.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_non_expiring.json -------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_non_expiring.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_non_expiring.py -------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_unlimited_use.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_unlimited_use.json -------------------------------------------------------------------------------- /rules/community/duo_administrator/duo_bypass_code_create_unlimited_use.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_administrator/duo_bypass_code_create_unlimited_use.py -------------------------------------------------------------------------------- /rules/community/duo_authentication/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_anonymous_ip_failure.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_anonymous_ip_failure.json -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_anonymous_ip_failure.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_anonymous_ip_failure.py -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_fraud.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_fraud.json -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_fraud.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_fraud.py -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_lookup_tables_example.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_lookup_tables_example.json -------------------------------------------------------------------------------- /rules/community/duo_authentication/duo_lookup_tables_example.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/duo_authentication/duo_lookup_tables_example.py -------------------------------------------------------------------------------- /rules/community/fleet/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/fleet/fleet_bad_action.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/fleet/fleet_bad_action.json -------------------------------------------------------------------------------- /rules/community/fleet/fleet_bad_action.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/fleet/fleet_bad_action.py -------------------------------------------------------------------------------- /rules/community/github/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/github/github_disable_dismiss_stale_pull_request_approvals.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_dismiss_stale_pull_request_approvals.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_dismiss_stale_pull_request_approvals.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_dismiss_stale_pull_request_approvals.py -------------------------------------------------------------------------------- /rules/community/github/github_disable_protect_this_branch.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_protect_this_branch.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_protect_this_branch.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_protect_this_branch.py -------------------------------------------------------------------------------- /rules/community/github/github_disable_required_pull_request_reviews.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_required_pull_request_reviews.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_required_pull_request_reviews.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_required_pull_request_reviews.py -------------------------------------------------------------------------------- /rules/community/github/github_disable_required_status_checks.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_required_status_checks.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_required_status_checks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_required_status_checks.py -------------------------------------------------------------------------------- 
/rules/community/github/github_disable_two_factor_requirement_org.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_two_factor_requirement_org.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_two_factor_requirement_org.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_two_factor_requirement_org.py -------------------------------------------------------------------------------- /rules/community/github/github_disable_two_factor_requirement_user.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_two_factor_requirement_user.json -------------------------------------------------------------------------------- /rules/community/github/github_disable_two_factor_requirement_user.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_disable_two_factor_requirement_user.py -------------------------------------------------------------------------------- /rules/community/github/github_oauth_application_create.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_oauth_application_create.json -------------------------------------------------------------------------------- /rules/community/github/github_oauth_application_create.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_oauth_application_create.py -------------------------------------------------------------------------------- /rules/community/github/github_site_admin_action.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_site_admin_action.json -------------------------------------------------------------------------------- /rules/community/github/github_site_admin_action.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_site_admin_action.py -------------------------------------------------------------------------------- /rules/community/github/github_site_admin_user_promotion.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_site_admin_user_promotion.json -------------------------------------------------------------------------------- /rules/community/github/github_site_admin_user_promotion.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/github/github_site_admin_user_promotion.py -------------------------------------------------------------------------------- /rules/community/guardduty/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/guardduty/guard_duty_all.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/guardduty/guard_duty_all.json 
-------------------------------------------------------------------------------- /rules/community/guardduty/guard_duty_all.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/guardduty/guard_duty_all.py -------------------------------------------------------------------------------- /rules/community/mitre_attack/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/mitre_attack/defense_evasion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/mitre_attack/defense_evasion/multi/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/mitre_attack/defense_evasion/multi/obfuscated_files_or_information/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/mitre_attack/defense_evasion/multi/obfuscated_files_or_information/right_to_left_character.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/mitre_attack/defense_evasion/multi/obfuscated_files_or_information/right_to_left_character.json -------------------------------------------------------------------------------- /rules/community/mitre_attack/defense_evasion/multi/obfuscated_files_or_information/right_to_left_character.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/mitre_attack/defense_evasion/multi/obfuscated_files_or_information/right_to_left_character.py -------------------------------------------------------------------------------- /rules/community/okta/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/okta/okta_new_login.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/okta/okta_new_login.json -------------------------------------------------------------------------------- /rules/community/onelogin/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/onelogin/onelogin_events_assumed_role.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/onelogin/onelogin_events_assumed_role.json -------------------------------------------------------------------------------- /rules/community/onelogin/onelogin_events_assumed_role.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/onelogin/onelogin_events_assumed_role.py -------------------------------------------------------------------------------- /rules/community/onelogin/onelogin_events_threat_intel_example.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/onelogin/onelogin_events_threat_intel_example.json -------------------------------------------------------------------------------- 
/rules/community/onelogin/onelogin_events_threat_intel_example.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/onelogin/onelogin_events_threat_intel_example.py -------------------------------------------------------------------------------- /rules/community/osquery/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/osquery/ssh_login_activity.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/osquery/ssh_login_activity.json -------------------------------------------------------------------------------- /rules/community/osquery/ssh_login_activity.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/osquery/ssh_login_activity.py -------------------------------------------------------------------------------- /rules/community/packetbeat/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_blacklisted_domain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_blacklisted_domain.json -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_blacklisted_domain.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_blacklisted_domain.py -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_blacklisted_ip.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_blacklisted_ip.json -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_blacklisted_ip.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_blacklisted_ip.py -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_dns_lookup.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_dns_lookup.json -------------------------------------------------------------------------------- /rules/community/packetbeat/packetbeat_dns_lookup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/packetbeat/packetbeat_dns_lookup.py -------------------------------------------------------------------------------- /rules/community/trendmicro/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/community/trendmicro/trendmicro_malware_event.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/trendmicro/trendmicro_malware_event.json 
-------------------------------------------------------------------------------- /rules/community/trendmicro/trendmicro_malware_event.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/community/trendmicro/trendmicro_malware_event.py -------------------------------------------------------------------------------- /rules/default/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/helpers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/helpers/base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/helpers/base.py -------------------------------------------------------------------------------- /rules/sample/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /rules/sample/sample_demisto.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/sample/sample_demisto.json -------------------------------------------------------------------------------- /rules/sample/sample_demisto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/rules/sample/sample_demisto.py -------------------------------------------------------------------------------- /scheduled_queries/__init__.py: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /scheduled_queries/sample/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /scheduled_queries/sample/athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/scheduled_queries/sample/athena.py -------------------------------------------------------------------------------- /setup.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/setup.cfg -------------------------------------------------------------------------------- /streamalert/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/__init__.py -------------------------------------------------------------------------------- /streamalert/alert_merger/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/alert_merger/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_merger/main.py -------------------------------------------------------------------------------- /streamalert/alert_processor/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/alert_processor/helpers.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/helpers.py -------------------------------------------------------------------------------- /streamalert/alert_processor/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/main.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/__init__.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/aws.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/aws.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/carbonblack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/carbonblack.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/credentials/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/credentials/provider.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/credentials/provider.py -------------------------------------------------------------------------------- 
/streamalert/alert_processor/outputs/demisto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/demisto.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/github.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/github.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/jira.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/jira.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/jira_v2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/jira_v2.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/komand.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/komand.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/output_base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/output_base.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/pagerduty.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/pagerduty.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/phantom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/phantom.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/slack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/slack.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/teams.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/teams.py -------------------------------------------------------------------------------- /streamalert/alert_processor/outputs/victorops.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/alert_processor/outputs/victorops.py -------------------------------------------------------------------------------- /streamalert/apps/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/__init__.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/README.rst: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/README.rst -------------------------------------------------------------------------------- /streamalert/apps/_apps/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/__init__.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/aliyun.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/aliyun.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/box.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/box.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/duo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/duo.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/gsuite.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/gsuite.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/intercom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/intercom.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/onelogin.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/onelogin.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/salesforce.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/salesforce.py -------------------------------------------------------------------------------- /streamalert/apps/_apps/slack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/_apps/slack.py -------------------------------------------------------------------------------- /streamalert/apps/app_base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/app_base.py -------------------------------------------------------------------------------- /streamalert/apps/batcher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/batcher.py -------------------------------------------------------------------------------- /streamalert/apps/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/config.py -------------------------------------------------------------------------------- /streamalert/apps/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/exceptions.py -------------------------------------------------------------------------------- /streamalert/apps/main.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/apps/main.py -------------------------------------------------------------------------------- /streamalert/athena_partitioner/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/athena_partitioner/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/athena_partitioner/main.py -------------------------------------------------------------------------------- /streamalert/classifier/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/__init__.py -------------------------------------------------------------------------------- /streamalert/classifier/classifier.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/classifier.py -------------------------------------------------------------------------------- /streamalert/classifier/clients/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/clients/__init__.py -------------------------------------------------------------------------------- /streamalert/classifier/clients/sqs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/clients/sqs.py -------------------------------------------------------------------------------- /streamalert/classifier/main.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/main.py -------------------------------------------------------------------------------- /streamalert/classifier/parsers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/parsers.py -------------------------------------------------------------------------------- /streamalert/classifier/payload/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/__init__.py -------------------------------------------------------------------------------- /streamalert/classifier/payload/apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/apps.py -------------------------------------------------------------------------------- /streamalert/classifier/payload/kinesis.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/kinesis.py -------------------------------------------------------------------------------- /streamalert/classifier/payload/payload_base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/payload_base.py -------------------------------------------------------------------------------- /streamalert/classifier/payload/s3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/s3.py 
-------------------------------------------------------------------------------- /streamalert/classifier/payload/sns.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/classifier/payload/sns.py -------------------------------------------------------------------------------- /streamalert/rule_promotion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/rule_promotion/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rule_promotion/main.py -------------------------------------------------------------------------------- /streamalert/rule_promotion/promoter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rule_promotion/promoter.py -------------------------------------------------------------------------------- /streamalert/rule_promotion/publisher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rule_promotion/publisher.py -------------------------------------------------------------------------------- /streamalert/rule_promotion/statistic.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rule_promotion/statistic.py -------------------------------------------------------------------------------- /streamalert/rules_engine/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rules_engine/__init__.py 
-------------------------------------------------------------------------------- /streamalert/rules_engine/alert_forwarder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rules_engine/alert_forwarder.py -------------------------------------------------------------------------------- /streamalert/rules_engine/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rules_engine/main.py -------------------------------------------------------------------------------- /streamalert/rules_engine/rules_engine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rules_engine/rules_engine.py -------------------------------------------------------------------------------- /streamalert/rules_engine/threat_intel.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/rules_engine/threat_intel.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/__init__.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/command/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/command/application.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/command/application.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/command/processor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/command/processor.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/config/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/config/lambda_conf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/config/lambda_conf.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/config/services.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/config/services.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/container/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/container/container.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/container/container.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/handlers/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/handlers/athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/handlers/athena.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/main.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/query_packs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/query_packs/configuration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/query_packs/configuration.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/query_packs/manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/query_packs/manager.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/query_packs/parameters.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/query_packs/parameters.py 
-------------------------------------------------------------------------------- /streamalert/scheduled_queries/state/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/state/state_manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/state/state_manager.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/streamalert/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/streamalert/kinesis.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/streamalert/kinesis.py -------------------------------------------------------------------------------- /streamalert/scheduled_queries/support/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/scheduled_queries/support/clock.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/scheduled_queries/support/clock.py -------------------------------------------------------------------------------- /streamalert/shared/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/__init__.py -------------------------------------------------------------------------------- 
/streamalert/shared/alert.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/alert.py -------------------------------------------------------------------------------- /streamalert/shared/alert_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/alert_table.py -------------------------------------------------------------------------------- /streamalert/shared/artifact_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/artifact_extractor.py -------------------------------------------------------------------------------- /streamalert/shared/athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/athena.py -------------------------------------------------------------------------------- /streamalert/shared/backoff_handlers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/backoff_handlers.py -------------------------------------------------------------------------------- /streamalert/shared/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/config.py -------------------------------------------------------------------------------- /streamalert/shared/description.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/description.py 
-------------------------------------------------------------------------------- /streamalert/shared/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/exceptions.py -------------------------------------------------------------------------------- /streamalert/shared/firehose.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/firehose.py -------------------------------------------------------------------------------- /streamalert/shared/helpers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/shared/helpers/aws_api_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/helpers/aws_api_client.py -------------------------------------------------------------------------------- /streamalert/shared/helpers/boto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/helpers/boto.py -------------------------------------------------------------------------------- /streamalert/shared/helpers/dynamodb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/helpers/dynamodb.py -------------------------------------------------------------------------------- /streamalert/shared/importer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/importer.py 
-------------------------------------------------------------------------------- /streamalert/shared/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/logger.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/cache.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/cache.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/configuration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/configuration.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/core.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/core.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/driver_dynamodb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/driver_dynamodb.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/driver_s3.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/driver_s3.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/drivers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/drivers.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/drivers_factory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/drivers_factory.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/errors.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/errors.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/table.py -------------------------------------------------------------------------------- /streamalert/shared/lookup_tables/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/lookup_tables/utils.py -------------------------------------------------------------------------------- /streamalert/shared/metrics.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/metrics.py 
-------------------------------------------------------------------------------- /streamalert/shared/normalize.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/normalize.py -------------------------------------------------------------------------------- /streamalert/shared/publisher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/publisher.py -------------------------------------------------------------------------------- /streamalert/shared/resources.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/resources.py -------------------------------------------------------------------------------- /streamalert/shared/rule.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/rule.py -------------------------------------------------------------------------------- /streamalert/shared/rule_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/rule_table.py -------------------------------------------------------------------------------- /streamalert/shared/stats.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/stats.py -------------------------------------------------------------------------------- /streamalert/shared/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/shared/utils.py 
-------------------------------------------------------------------------------- /streamalert/threat_intel_downloader/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert/threat_intel_downloader/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/threat_intel_downloader/exceptions.py -------------------------------------------------------------------------------- /streamalert/threat_intel_downloader/main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert/threat_intel_downloader/main.py -------------------------------------------------------------------------------- /streamalert_cli/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/__init__.py -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/_include.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/_include.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/_providers.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/_providers.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/_variables.tf: -------------------------------------------------------------------------------- 1 | variable "region" { 2 | type = 
string 3 | } 4 | -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_merger_iam/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/variables.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_alert_processor_iam/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_app_iam/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_app_iam/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_app_iam/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_app_iam/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_app_iam/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_app_iam/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_artifact_extractor/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_artifact_extractor/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_artifact_extractor/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_artifact_extractor/main.tf 
-------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_artifact_extractor/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_artifact_extractor/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/kms.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/kms.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/outputs.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/outputs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_athena/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_athena/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_classifier/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_classifier/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_classifier/firehose.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_classifier/firehose.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_classifier/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_classifier/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_classifier/sns.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_classifier/sns.tf -------------------------------------------------------------------------------- 
/streamalert_cli/_infrastructure/modules/tf_classifier/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_classifier/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/output.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/modules/tf_cloudtrail_cloudwatch/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudtrail/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudtrail/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/main.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/cross_account/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_events/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/iam.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/modules/destination/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/output.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_cloudwatch_logs_destination/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_flow_logs/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_flow_logs/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_flow_logs/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_flow_logs/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_flow_logs/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_flow_logs/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_flow_logs/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_flow_logs/output.tf 
-------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_flow_logs/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_flow_logs/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/alerts_firehose/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/iam.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/kms.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/kms.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/sqs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/sqs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/classifier_queue/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/README.rst: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/README.rst -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/aliyun-python-sdk-actiontrail==2.0.0_dependencies.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/aliyun-python-sdk-actiontrail==2.0.0_dependencies.zip -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/boxsdk[jwt]==2.9.0_dependencies.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/lambda_layers/boxsdk[jwt]==2.9.0_dependencies.zip -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_globals/variables.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_globals/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_events/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_events/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_events/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_events/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_events/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_events/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/main.tf 
-------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/outputs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_delivery_stream/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/main.tf -------------------------------------------------------------------------------- 
/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/outputs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_firehose_setup/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_streams/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_streams/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_streams/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_streams/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_streams/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_streams/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_streams/outputs.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_streams/outputs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_kinesis_streams/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_kinesis_streams/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lambda/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lambda/cloudwatch.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/cloudwatch.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lambda/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lambda/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/main.tf -------------------------------------------------------------------------------- 
/streamalert_cli/_infrastructure/modules/tf_lambda/output.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/output.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lambda/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lambda/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_dynamodb/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/README.md: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_policy/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_lookup_tables_s3/variables.tf 
-------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_alarms/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_alarms/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_alarms/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_alarms/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_alarms/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_alarms/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_filters/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_filters/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_filters/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_filters/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_metric_filters/variables.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_metric_filters/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_monitoring/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_monitoring/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_monitoring/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_monitoring/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/main.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/variables.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rule_promotion_iam/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rules_engine/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rules_engine/README.md -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rules_engine/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rules_engine/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rules_engine/lambda.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rules_engine/lambda.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_rules_engine/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_rules_engine/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_s3_events/main.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_s3_events/main.tf -------------------------------------------------------------------------------- 
/streamalert_cli/_infrastructure/modules/tf_s3_events/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_s3_events/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/cloudwatch_schedule.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/cloudwatch_schedule.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/iam_roles.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/iam_roles.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/lambda.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/lambda.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/outputs.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/outputs.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/step_function.tf: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/step_function.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_scheduled_queries/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_scheduled_queries/variables.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/dynamodb.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/dynamodb.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/iam.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/iam.tf -------------------------------------------------------------------------------- /streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/variables.tf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/_infrastructure/modules/tf_threat_intel_downloader/variables.tf 
-------------------------------------------------------------------------------- /streamalert_cli/apps/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/apps/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/apps/handler.py -------------------------------------------------------------------------------- /streamalert_cli/apps/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/apps/helpers.py -------------------------------------------------------------------------------- /streamalert_cli/athena/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/athena/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/athena/handler.py -------------------------------------------------------------------------------- /streamalert_cli/athena/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/athena/helpers.py -------------------------------------------------------------------------------- /streamalert_cli/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/config.py -------------------------------------------------------------------------------- /streamalert_cli/configure/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/configure/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/configure/handler.py -------------------------------------------------------------------------------- /streamalert_cli/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/helpers.py -------------------------------------------------------------------------------- /streamalert_cli/kinesis/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/kinesis/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/kinesis/handler.py -------------------------------------------------------------------------------- /streamalert_cli/logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/logger.py -------------------------------------------------------------------------------- /streamalert_cli/lookup_tables/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/lookup_tables/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/lookup_tables/handler.py 
-------------------------------------------------------------------------------- /streamalert_cli/manage_lambda/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/manage_lambda/deploy.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/manage_lambda/deploy.py -------------------------------------------------------------------------------- /streamalert_cli/manage_lambda/package.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/manage_lambda/package.py -------------------------------------------------------------------------------- /streamalert_cli/manage_lambda/rollback.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/manage_lambda/rollback.py -------------------------------------------------------------------------------- /streamalert_cli/metrics_alarms/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/metrics_alarms/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/metrics_alarms/handler.py -------------------------------------------------------------------------------- /streamalert_cli/outputs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/outputs/handler.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/outputs/handler.py -------------------------------------------------------------------------------- /streamalert_cli/outputs/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/outputs/helpers.py -------------------------------------------------------------------------------- /streamalert_cli/rule_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/rule_table.py -------------------------------------------------------------------------------- /streamalert_cli/runner.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/runner.py -------------------------------------------------------------------------------- /streamalert_cli/status/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/status/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/status/handler.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/__init__.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/alert_merger.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/alert_merger.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/alert_processor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/alert_processor.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/apps.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/artifact_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/artifact_extractor.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/athena.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/classifier.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/classifier.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/cloudtrail.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/cloudtrail.py 
-------------------------------------------------------------------------------- /streamalert_cli/terraform/cloudwatch_destinations.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/cloudwatch_destinations.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/cloudwatch_events.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/cloudwatch_events.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/common.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/common.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/firehose.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/firehose.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/flow_logs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/flow_logs.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/generate.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/generate.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/handlers.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/handlers.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/helpers.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/kinesis_events.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/kinesis_events.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/kinesis_streams.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/kinesis_streams.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/lambda_module.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/lambda_module.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/metrics.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/metrics.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/monitoring.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/monitoring.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/rule_promotion.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/rule_promotion.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/rules_engine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/rules_engine.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/s3_events.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/s3_events.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/scheduled_queries.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/scheduled_queries.py -------------------------------------------------------------------------------- /streamalert_cli/terraform/threat_intel_downloader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/terraform/threat_intel_downloader.py -------------------------------------------------------------------------------- /streamalert_cli/test/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/test/event.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/event.py -------------------------------------------------------------------------------- /streamalert_cli/test/event_file.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/event_file.py -------------------------------------------------------------------------------- /streamalert_cli/test/format.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/format.py -------------------------------------------------------------------------------- /streamalert_cli/test/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/handler.py -------------------------------------------------------------------------------- /streamalert_cli/test/mocks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/mocks.py -------------------------------------------------------------------------------- /streamalert_cli/test/results.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/test/results.py -------------------------------------------------------------------------------- /streamalert_cli/threat_intel/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/threat_intel/handler.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/threat_intel/handler.py -------------------------------------------------------------------------------- /streamalert_cli/threat_intel_downloader/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /streamalert_cli/threat_intel_downloader/handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/threat_intel_downloader/handler.py -------------------------------------------------------------------------------- /streamalert_cli/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/streamalert_cli/utils.py -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/scripts/autoflake.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/autoflake.sh -------------------------------------------------------------------------------- /tests/scripts/autopep8.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/autopep8.sh -------------------------------------------------------------------------------- /tests/scripts/covreport.sh: -------------------------------------------------------------------------------- 
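https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/covreport.sh -------------------------------------------------------------------------------- /tests/scripts/pylint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/pylint.sh -------------------------------------------------------------------------------- /tests/scripts/rule_test.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | # Run the rule tests, forwarding the caller's arguments unchanged; quoting "$@" keeps arguments with spaces or glob characters intact. 3 | ./manage.py test rules "$@" 4 | -------------------------------------------------------------------------------- /tests/scripts/sort_configs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/sort_configs.py -------------------------------------------------------------------------------- /tests/scripts/test_the_docs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/test_the_docs.sh -------------------------------------------------------------------------------- /tests/scripts/unit_tests.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/unit_tests.sh -------------------------------------------------------------------------------- /tests/scripts/update_reqs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/scripts/update_reqs.sh -------------------------------------------------------------------------------- /tests/unit/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- 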
/tests/unit/conf/clusters/advanced.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/clusters/advanced.json -------------------------------------------------------------------------------- /tests/unit/conf/clusters/test.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/clusters/test.json -------------------------------------------------------------------------------- /tests/unit/conf/clusters/trusted.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/clusters/trusted.json -------------------------------------------------------------------------------- /tests/unit/conf/global.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/global.json -------------------------------------------------------------------------------- /tests/unit/conf/lambda.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/lambda.json -------------------------------------------------------------------------------- /tests/unit/conf/logs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/logs.json -------------------------------------------------------------------------------- /tests/unit/conf/lookup_tables.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/lookup_tables.json 
-------------------------------------------------------------------------------- /tests/unit/conf/normalized_types.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/normalized_types.json -------------------------------------------------------------------------------- /tests/unit/conf/outputs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/outputs.json -------------------------------------------------------------------------------- /tests/unit/conf/scheduled_queries.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/scheduled_queries.json -------------------------------------------------------------------------------- /tests/unit/conf/threat_intel.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf/threat_intel.json -------------------------------------------------------------------------------- /tests/unit/conf_athena/clusters/test.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf_athena/clusters/test.json -------------------------------------------------------------------------------- /tests/unit/conf_athena/global.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf_athena/global.json -------------------------------------------------------------------------------- /tests/unit/conf_athena/lambda.json: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf_athena/lambda.json -------------------------------------------------------------------------------- /tests/unit/conf_athena/schemas/unit_test_schemas.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/conf_athena/schemas/unit_test_schemas.json -------------------------------------------------------------------------------- /tests/unit/helpers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/helpers/aws_mocks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/helpers/aws_mocks.py -------------------------------------------------------------------------------- /tests/unit/helpers/base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/helpers/base.py -------------------------------------------------------------------------------- /tests/unit/helpers/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/helpers/config.py -------------------------------------------------------------------------------- /tests/unit/helpers/mocks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/helpers/mocks.py -------------------------------------------------------------------------------- /tests/unit/streamalert/__init__.py: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /tests/unit/streamalert/alert_merger/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_merger/test_main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_merger/test_main.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/__init__.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/credentials/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/credentials/test_provider.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/credentials/test_provider.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_aws.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_aws.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_carbonblack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_carbonblack.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_demisto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_demisto.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_github.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_github.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_jira.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_jira.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert/alert_processor/outputs/test_jira_v2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_jira_v2.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_komand.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_komand.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_output_base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_output_base.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_pagerduty.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_pagerduty.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_phantom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_phantom.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_slack.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_slack.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/outputs/test_teams.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/outputs/test_teams.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/test_helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/test_helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert/alert_processor/test_main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/alert_processor/test_main.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_aliyun.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_aliyun.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert/apps/test_apps/test_app_base.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_app_base.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_box.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_box.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_duo.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_duo.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_gsuite.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_gsuite.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_intercom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_intercom.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_onelogin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_onelogin.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert/apps/test_apps/test_salesforce.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_salesforce.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_apps/test_slack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_apps/test_slack.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_batcher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_batcher.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_config.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert/apps/test_main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/apps/test_main.py -------------------------------------------------------------------------------- /tests/unit/streamalert/athena_partitioner/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/athena_partitioner/test_main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/athena_partitioner/test_main.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/clients/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/clients/test_sqs.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/clients/test_sqs.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_apps.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_base.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_base.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_kinesis.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_kinesis.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_record.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_record.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_s3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_s3.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/payload/test_payload_sns.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/payload/test_payload_sns.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_classifier.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_classifier.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_parsers_base.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_parsers_base.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_parsers_csv.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_parsers_csv.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_parsers_json.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_parsers_json.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_parsers_kv.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_parsers_kv.py -------------------------------------------------------------------------------- /tests/unit/streamalert/classifier/test_parsers_syslog.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/classifier/test_parsers_syslog.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rule_promotion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/rule_promotion/test_promoter.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rule_promotion/test_promoter.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rule_promotion/test_publisher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rule_promotion/test_publisher.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rule_promotion/test_statistic.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rule_promotion/test_statistic.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rules_engine/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/rules_engine/test_alerter.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rules_engine/test_alerter.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rules_engine/test_rules_engine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rules_engine/test_rules_engine.py -------------------------------------------------------------------------------- /tests/unit/streamalert/rules_engine/test_threat_intel.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/rules_engine/test_threat_intel.py 
-------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/command/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/command/test_processor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/command/test_processor.py -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/container/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/container/test_container.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/container/test_container.py -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/handlers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/handlers/test_athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/handlers/test_athena.py 
-------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/query_packs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/query_packs/test_configuration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/query_packs/test_configuration.py -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/query_packs/test_manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/query_packs/test_manager.py -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/state/.gitignore: -------------------------------------------------------------------------------- 1 | testfile.json 2 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/state/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/state/test_state_manager.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/state/test_state_manager.py -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/streamalert/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/scheduled_queries/streamalert/test_kinesis.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/scheduled_queries/streamalert/test_kinesis.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_cache.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_cache.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_configuration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_configuration.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_core.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_core.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert/shared/lookup_tables/test_driver.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_driver.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_driver_dynamodb.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_driver_dynamodb.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_driver_s3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_driver_s3.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/lookup_tables/test_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/lookup_tables/test_table.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_alert.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_alert.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_alert_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_alert_table.py 
-------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_artifact_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_artifact_extractor.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_athena.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_athena.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_aws_api_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_aws_api_client.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_backoff_handlers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_backoff_handlers.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_config.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_description.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_description.py 
-------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_firehose.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_firehose.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_importer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_importer.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_logger.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_logger.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_metrics.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_metrics.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_normalizer.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_normalizer.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_publisher.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_publisher.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert/shared/test_resources.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_resources.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_rule.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_rule.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_rule_table.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_rule_table.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_stats.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_stats.py -------------------------------------------------------------------------------- /tests/unit/streamalert/shared/test_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/shared/test_utils.py -------------------------------------------------------------------------------- /tests/unit/streamalert/threat_intel_downloader/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert/threat_intel_downloader/test_helpers.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/threat_intel_downloader/test_helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert/threat_intel_downloader/test_main.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert/threat_intel_downloader/test_main.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/athena/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/athena/test_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/athena/test_handler.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/athena/test_helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/athena/test_helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/manage_lambda/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/manage_lambda/test_deploy.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/manage_lambda/test_deploy.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/manage_lambda/test_package.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/manage_lambda/test_package.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/manage_lambda/test_rollback.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/manage_lambda/test_rollback.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_alert_processor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_alert_processor.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_artifact_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_artifact_extractor.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_athena.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_athena.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_firehose.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_firehose.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_generate.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_generate.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_generate_classifier.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_generate_classifier.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_generate_rules_engine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_generate_rules_engine.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_handlers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_handlers.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_kinesis_events.py: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_kinesis_events.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_kinesis_streams.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_kinesis_streams.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_monitoring.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_monitoring.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_rule_promotion.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_rule_promotion.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_s3_events.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_s3_events.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/terraform/test_scheduled_queries.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/terraform/test_scheduled_queries.py -------------------------------------------------------------------------------- 
/tests/unit/streamalert_cli/test/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test/helpers.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test/test_event.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test/test_event.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test/test_event_file.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test/test_event_file.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test/test_handler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test/test_handler.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test_cli_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test_cli_config.py -------------------------------------------------------------------------------- /tests/unit/streamalert_cli/test_helpers.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/airbnb/streamalert/HEAD/tests/unit/streamalert_cli/test_helpers.py -------------------------------------------------------------------------------- /vagrant/cli/python-virtualenvwrapper/configure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/python-virtualenvwrapper/configure.sh -------------------------------------------------------------------------------- /vagrant/cli/python-virtualenvwrapper/install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/python-virtualenvwrapper/install.sh -------------------------------------------------------------------------------- /vagrant/cli/streamalert/configure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/streamalert/configure.sh -------------------------------------------------------------------------------- /vagrant/cli/streamalert/install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/streamalert/install.sh -------------------------------------------------------------------------------- /vagrant/cli/streamalert/sshd_config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/streamalert/sshd_config -------------------------------------------------------------------------------- /vagrant/cli/terraform/install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/airbnb/streamalert/HEAD/vagrant/cli/terraform/install.sh --------------------------------------------------------------------------------