Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Data Telemetry] Add index pattern to identify "meow" attacks #75163

Merged
merged 3 commits into from
Aug 21, 2020
Merged

[Data Telemetry] Add index pattern to identify "meow" attacks #75163

merged 3 commits into from
Aug 21, 2020

Conversation

afharo
Copy link
Member

@afharo afharo commented Aug 17, 2020

Summary

Adds *meow* to the list of index patterns to identify possible indices following meow attacks 🐱

For maintainers

@afharo afharo requested a review from a team as a code owner August 17, 2020 14:16
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-telemetry (Team:KibanaTelemetry)

@afharo afharo added the v7.10.0 label Aug 17, 2020
TinaHeiligers
TinaHeiligers approved these changes Aug 19, 2020
View reviewed changes
Copy link
Contributor

@TinaHeiligers TinaHeiligers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Love it!
LGMT 😹

@TinaHeiligers
Copy link
Contributor

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@afharo afharo merged commit ee75e57 into elastic:master Aug 21, 2020
@afharo afharo deleted the data-telemetry/add-meow-index-pattern branch August 21, 2020 12:47
This was referenced Aug 21, 2020
Merged
Merged
afharo added a commit to afharo/kibana that referenced this pull request Aug 21, 2020
@afharo @elasticmachine
[Data Telemetry] Add index pattern to identify "meow" attacks (elasti…
cb8d2ff 
…c#75163)

Co-authored-by: Elastic Machine <[email protected]>
afharo added a commit that referenced this pull request Aug 21, 2020
@afharo @elasticmachine
[7.x] [Data Telemetry] Add index pattern to identify "meow" attacks (#…
01170a4 
…75163) (#75644)

Co-authored-by: Elastic Machine <[email protected]>
afharo added a commit that referenced this pull request Aug 21, 2020
@afharo @elasticmachine
[7.9] [Data Telemetry] Add index pattern to identify "meow" attacks (#…
d452882 
…75163) (#75645)

Co-authored-by: Elastic Machine <[email protected]>

Co-authored-by: Elastic Machine <[email protected]>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Aug 21, 2020
@gmmorris
Merge branch 'master' into actions/webhook-remove-header
452f964 
* master: (71 commits)
  [Lens] Show 'No data for this field' for empty field in accordion (elastic#73772)
  Skip failing lens test
  Configure ScopedHistory consistenty regardless of URL used to mount app (elastic#75074)
  Fix returned payload by "search" usage collector (elastic#75340)
  [Security Solution] Fix missing key error (elastic#75576)
  Upgrade EUI to v27.4.1 (elastic#75240)
  Update datasets UI copy to data streams (elastic#75618)
  [Lens] Register saved object references (elastic#74523)
  [DOCS] Update links to Beats documentation (elastic#70380)
  [Enterprise Search] Convert our `public_url` route to `config_data` and collect initialAppData (elastic#75616)
  [Usage Collection Schemas] Remove Legacy entries (elastic#75652)
  [Dashboard First] Lens Originating App Breadcrumb (elastic#75470)
  Improve login UI error message. (elastic#75642)
  [Security Solution] modify circular deps checker to output images of circular deps graphs (elastic#75579)
  [Data Telemetry] Add index pattern to identify "meow" attacks (elastic#75163)
  Migrate CSP usage collector to `kibana_usage_collection` plugin (elastic#75536)
  [Console] Get ES Config from core (elastic#75406)
  [Uptime] Add delay in telemetry test (elastic#75162)
  [Lens] Use index pattern service instead saved object client (elastic#74654)
  Embeddable input (elastic#73033)
  ...
thomasneirynck pushed a commit to thomasneirynck/kibana that referenced this pull request Aug 21, 2020
@afharo @elasticmachine @thomasneirynck
[Data Telemetry] Add index pattern to identify "meow" attacks (elasti…
80ce878 
…c#75163)

Co-authored-by: Elastic Machine <[email protected]>
@agenest
Copy link

agenest commented Aug 27, 2020

I was wondering how this has been working and if there might be an easier way to identify owners that I am notifying with instructions on how to secure the open instances. Currently, I am running a shodan scan, aggregating the data, and notifying the larger providers of the IPs found with instructions. If not in this ticket is there another one that might be solving for this proactive alerting out to the security community? Thanks

@TinaHeiligers
Copy link
Contributor

TinaHeiligers commented Aug 27, 2020
edited
Loading

@agenest the changes will only take effect after 7.9.1 is released. Please reach out to Brian Milbier (@bmilbier), he has been working on a POC. @alexfrancoeur might also be able to help you out.

@lukeelmers lukeelmers added the Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc label Oct 1, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-core (Team:Core)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TinaHeiligers TinaHeiligers TinaHeiligers approved these changes

Assignees
No one assigned
Labels
Feature:Telemetry release_note:skip Skip the PR/issue when compiling release notes Team:Core Core services & architecture: plugins, logging, config, saved objects, http, ES client, i18n, etc v7.9.1 v7.10.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@afharo @elasticmachine @TinaHeiligers @kibanamachine @agenest @lukeelmers