- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.yaml files (25):

.github/workflows/docker-build-prd-logstash.yml
.github/workflows/docker-build-dev-logstash.yml
.github/workflows/docker-build-prd-base.yml
.github/workflows/label.yml
.github/workflows/docker-build-dev-base.yml
.github/workflows/lint.yml
.github/workflows/release-drafter.yml
.github/workflows/docker-build-dev-jupyter.yml
.github/workflows/docker-build-dev-kibana.yml
.github/workflows/docker-build-prd-elasticsearch.yml
.github/workflows/docker-build-prd-jupyter.yml
.github/workflows/docker-build-dev-elasticsearch.yml
.github/workflows/docker-build-prd-kibana.yml
.github/labeler.yml
.github/release-drafter.yml
c2servers/filebeat/inputs.d/filebeat_outflankstage1.yml
c2servers/filebeat/inputs.d/filebeat_poshc2.yml
c2servers/filebeat/inputs.d/filebeat_sliver.yml
c2servers/filebeat/inputs.d/filebeat_cobaltstrike.yml
elkserver/mounts/sample-data/filebeat.yml
elkserver/mounts/logstash-config/config/pipelines.yml
elkserver/redelk-dev.yml
elkserver/redelk-limited.yml
elkserver/redelk-full.yml
elkserver/docker/redelk-elasticsearch/redelkinstalldata/instances.yml
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.log files (24):

example-data-and-configs/ExampleData/redirb1_haproxy.log
example-data-and-configs/ExampleData/redira1_access-redelk.log
elkserver/mounts/sample-data/logs/nginx.log
elkserver/mounts/sample-data/logs/apache2.log
elkserver/mounts/sample-data/logs/haproxy.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200329/events.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200329/10.99.1.4/beacon_2019412980.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200329/10.99.1.4/beacon_496538698.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200329/10.99.1.4/beacon_1233239984.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200329/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200331/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200403/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200402/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200401/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.3.11/beacon_1282172642.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/events.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.2.10/beacon_455228.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/weblog_80.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.3.10/beacon_688141424.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.3.10/beacon_936715360.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.3.10/beacon_358093816.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/downloads.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.4.10/beacon_702687076.log
elkserver/mounts/sample-data/logs/cobaltstrike/logs/200330/10.1.4.10/beacon_22170412.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.conf files (17):

example-data-and-configs/nginx/redelk-redir-nginx.conf
example-data-and-configs/Apache/redelk-redir-apache.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/30-filter-email_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/21-filter-redir-apache_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/80-filter-bluecheck_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/53-filter-c2-sliver_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/70-filter-pstools_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/52-filter-c2-poshc2_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/10-input_filebeat_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/20-filter-redir-haproxy_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/50-filter-c2-outflankstage1_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/51-filter-c2-cobaltstrike_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/22-filter-redir-nginx_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/11-input_localfiles_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/12-input_email_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/99-outputs_logstash.conf
elkserver/mounts/logstash-config/redelk-main/conf.d/80-filter-bluecheck_domainchecks_logstash.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.ndjson files (15):

elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_redelk-iplist.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_implantsdb.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_.siem-signals.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_map.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_redirtraffic.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_siem_detection_rules.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_redelk.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_rtops.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_bluecheck.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_dashboard.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_visualization.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_redelk-domainslist.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_email.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_search.ndjson
elkserver/docker/redelk-base/redelkinstalldata/templates/redelk_kibana_index-pattern_credentials.ndjson
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.example files (13):

certs/config.cnf.example
c2servers/filebeat/filebeat_redelk_main.yml.example
elkserver/mounts/redelk-config/etc/cron.d/redelk.example
elkserver/mounts/redelk-config/etc/redelk/iplist_blueteam.conf.example
elkserver/mounts/redelk-config/etc/redelk/iplist_redteam.conf.example
elkserver/mounts/redelk-config/etc/redelk/iplist_alarmed.conf.example
elkserver/mounts/redelk-config/etc/redelk/rogue_useragents.conf.example
elkserver/mounts/redelk-config/etc/redelk/iplist_unknown.conf.example
elkserver/mounts/redelk-config/etc/redelk/iplist_customer.conf.example
elkserver/mounts/redelk-config/etc/redelk/domainslist_redteam.conf.example
elkserver/mounts/redelk-config/etc/redelk/roguedomains.conf.example
elkserver/mounts/redelk-config/etc/redelk/config.json.example
redirs/filebeat/filebeat.yml.example
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*. files (10):

VERSION
LICENSE
c2servers/cron.d/redelk_sliver
c2servers/cron.d/redelk_cobaltstrike
c2servers/cron.d/redelk_outflankstage1
elkserver/docker/redelk-base/Dockerfile
elkserver/docker/redelk-elasticsearch/Dockerfile
elkserver/docker/redelk-logstash/Dockerfile
elkserver/docker/redelk-jupyter/Dockerfile
elkserver/docker/redelk-kibana/Dockerfile
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.template files (6):

elkserver/mounts/nginx-config/ssl-dhparams.pem.template
elkserver/mounts/nginx-config/htpasswd.users.template
elkserver/mounts/nginx-config/default.conf.template
elkserver/mounts/nginx-config/full.location-conf.template
elkserver/mounts/nginx-config/full.neo4j-conf.template
elkserver/mounts/nginx-config/full.bloodhound-conf.template
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.pylintrc files (1):

elkserver/docker/redelk-base/redelkinstalldata/scripts/.pylintrc
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.tmpl files (1):

elkserver/.env.tmpl
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.gitkeep files (1):

elkserver/mounts/redelk-www/c2logs/.gitkeep
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.options files (1):

elkserver/mounts/elasticsearch-config/jvm.options.d/jvm.options
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*.ds_store files (1):

elkserver/mounts/sample-data/logs/cobaltstrike/profiles/.DS_Store
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -