Capture attacks being executed #732
Assignees
Labels
enhancement
New feature or request
Comments
|
@fryguy04 this is a solid question, something that has come up also with other internal teams as well. Let us brainstorm a few solutions (ansible, watermarket, adding before/after timestamps) and come back with some sane solutions. Would love to have a follow up call with you before we roll something out if you are open to it 😄 |
|
Sounds great, lets do this! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Datasets are awesome and reading the description really makes me want to see what command was used and at what exact timestamp so I can analyze logs near/around it. Currently user is left to just the logs and hopefully they can find what happened and when.
It would be great to come up with some standardized way of tracking attack commands + timing. Obviously this initially might be restricted to only shell commands (GUI clicks are out of scope).
I'd propose looking to include any Ansible automated logs (do they show this?) for the Atomic Red things ... as well as linux typescript or bash_history with timestamping.
The text was updated successfully, but these errors were encountered: