8000 incorporate new s7comm known devices log · Issue #622 · cisagov/Malcolm · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

incorporate new s7comm known devices log #622

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mmguero opened this issue Mar 19, 2025 · 0 comments
Closed

incorporate new s7comm known devices log #622

mmguero opened this issue Mar 19, 2025 · 0 comments
Assignees
@mmguero
Labels
arkime Relating to Malcolm's use of Arkime dashboards Relating to Malcolm's OpenSearch Dashboards interface enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices logstash Relating to Malcolm's use of Logstash zeek Relating to Malcolm's use of Zeek
Milestone
v25.03.1

Comments

@mmguero
Copy link
Collaborator
mmguero commented Mar 19, 2025

cisagov/icsnpp-s7comm#18 added a new s7comm_known_devices.log file that identifies s7comm devices. This is now integrated into the schema:

  • zeek.s7comm_known_devices.automation_system_name
  • zeek.s7comm_known_devices.module_name
  • zeek.s7comm_known_devices.plant_name
  • zeek.s7comm_known_devices.module_serial

and the s7comm dashboard:

Image
@mmguero mmguero added arkime Relating to Malcolm's use of Arkime dashboards Relating to Malcolm's OpenSearch Dashboards interface enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices logstash Relating to Malcolm's use of Logstash zeek Relating to Malcolm's use of Zeek labels Mar 19, 2025
@mmguero mmguero added this to the v25.03.1 milestone Mar 19, 2025
@mmguero mmguero self-assigned this Mar 19, 2025
@mmguero mmguero added this to Malcolm Mar 19, 2025
@mmguero mmguero moved this to Testing in Malcolm Mar 19, 2025
mmguero added a commit to mmguero-dev/Malcolm that referenced this issue Mar 19, 2025
@mmguero
incorporate new s7comm known devices log cisagov#622
d57d00f
@mmguero mmguero moved this from Testing to Done in Malcolm Mar 26, 2025
@mmguero mmguero closed this as completed by moving to Done in Malcolm Mar 26, 2025
@mmguero mmguero moved this from Done to Testing in Malcolm Mar 26, 2025
@mmguero mmguero moved this from Testing to Done in Malcolm Mar 27, 2025
This was referenced Mar 27, 2025
Merged
Merged
@mmguero mmguero moved this from Done to Todo in Malcolm Mar 31, 2025
@mmguero mmguero moved this from Todo to Released in Malcolm Mar 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mmguero mmguero

Labels
arkime Relating to Malcolm's use of Arkime dashboards Relating to Malcolm's OpenSearch Dashboards interface enhancement New feature or request ics Relating to ICS (Industrial Control Systems) devices logstash Relating to Malcolm's use of Logstash zeek Relating to Malcolm's use of Zeek
Projects
Malcolm
Status: Released
Milestone
v25.03.1
Development

No branches or pull requests
1 participant
@mmguero
0