Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Log4j - Collector & Parser #2131

Closed
YeomansM opened this issue Dec 21, 2021 · 6 comments
Closed

Log4j - Collector & Parser #2131

YeomansM opened this issue Dec 21, 2021 · 6 comments
Assignees
@elsif2
Labels
component: bots feature Indicates new feature requests or new features

Comments

@YeomansM
Copy link

Dear All,

May i ask whether you were thinking to add Log4j for shadowserver feeds within its collector api and parser?

Perhaps we can be of assistance?

Regards
Matthew
@sebix sebix added component: bots feature Indicates new feature requests or new features labels Dec 21, 2021
@sebix
Copy link
Member

sebix commented Dec 21, 2021

The Shadowserver Reports API collector is able to fetch all feeds, just the parser is missing the mapping.

Here's some public information: https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-log4j-servers-special-report/
Looks easy to do (if the documentation does not deviate from the actually used format)

@YeomansM
Copy link
Author

That is a good point, all what is missing is the parser.

Unless other people already volunteered, I would love to give it a try.

Thanks
Matthew

@sebix
Copy link
Member

sebix commented Dec 28, 2021

Unless other people already volunteered, I would love to give it a try.

I haven't noticed any attempt yet, so feel free. If you need any help, ping me.

@waldbauer-certat waldbauer-certat self-assigned this Feb 4, 2022
@waldbauer-certat waldbauer-certat added this to the 3.1.0 milestone Feb 4, 2022
waldbauer-certat added a commit that referenced this issue Feb 4, 2022
@waldbauer-certat
ENH: Added Log4shell shadowserver feed
bc9abfa 
Fixes #2131

Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at>
@waldbauer-certat waldbauer-certat mentioned this issue Feb 4, 2022
Closed
waldbauer-certat added a commit that referenced this issue Feb 4, 2022
@waldbauer-certat
ENH: Added Log4shell shadowserver feed
7805a35 
Fixes #2131

Signed-off-by: Sebastian Waldbauer <waldbauer@cert.at>
@sebix sebix removed this from the 3.1.0 milestone Jun 3, 2022
@sebix
Copy link
Member

sebix commented Jul 1, 2022

@elsif2 I think you PR closes this issue

@elsif2
Copy link
Collaborator

elsif2 commented Jul 1, 2022

Yes, that is correct.

@sebix sebix assigned elsif2 and unassigned waldbauer-certat Sep 5, 2022
@sebix
Copy link
Member

sebix commented Sep 5, 2022

Fixed by #2227

@sebix sebix closed this as completed Sep 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@elsif2 elsif2

Labels
component: bots feature Indicates new feature requests or new features
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

ENH: Added Log4shell shadowserver feed certtools/intelmq
4 participants
@sebix @elsif2 @YeomansM @waldbauer-certat