New covers

LICENSE

@@ -1,6 +1,6 @@
 BSD 2-Clause License
 
-Copyright (c) 2021, Gravwell Inc
+Copyright (c) 2026, Gravwell Inc
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without

auditd/MANIFEST

@@ -2,8 +2,8 @@
 	"ID": "io.gravwell.auditd",
 	"Name": "Auditd Detection Kit",
 	"Desc": "Provides tools, utilities, and detections to enable use of Auditd logs.",
-	"Readme": "This kit is designed to provide an out-of-the-box experience for working with Auditd logs. \n\nIt provides the following utilities:\n- Queries\n- Detections\n- Stats\n- Dashboards\n- Actionables\n- Templates\n- Macros",
-	"Version": 2,
+	"Readme": "This kit is designed to provide an out-of-the-box experience for working with Auditd logs.\n\nThe Auditd Kit is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/auditd).\n\nIt provides the following utilities:\n- Queries\n- Detections\n- Stats\n- Dashboards\n- Actionables\n- Templates\n- Macros\n\n## Dependencies\n- Null\n\n## Changelog\n**1.0: Initial Release**\n- actionables (2)\n- autoextractor (1)\n- dashboard (4)\n- file (3)\n- license (1)\n- macro (2)\n- playbook (3)\n- resource (1)\n- searchlibrary (70)\n- template (2)",
+	"Version": 1,
 	"MinVersion": {
 		"Major": 0,
 		"Minor": 0,
@@ -18,11 +18,16 @@
 	"Banner": "05a7cd79-0cbf-46cf-b177-9eca9965e397",
 	"Cover": "d073d25c-573c-4727-bd87-1ea84f7e9c8f",
 	"Items": [
-                {
-                        "Name": "exe_baseline",
-                        "Type": 1,
-                        "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
-                },
+        {
+            "Name": "BSD 2-Clause",
+            "Type": 10,
+            "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+        },
+        {
+            "Name": "exe_baseline",
+            "Type": 1,
+            "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+        },
 		{
 			"Name": "add5175f-8839-4e85-9d38-659d4af89eb0",
 			"Type": 6,

auditd/README.md

@@ -1,10 +1,28 @@
 This kit is designed to provide an out-of-the-box experience for working with Auditd logs. 
 
+The Auditd Kit is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/auditd).
+
 It provides the following utilities:
 - Queries
 - Detections
 - Stats
 - Dashboards
 - Actionables
 - Templates
-- Macros
+- Macros
+
+## Dependencies
+- Null
+
+## Changelog
+ **1.0: Initial Release**
+	- actionables (2)
+	- autoextractor (1)
+	- dashboard (4)
+	- file (3)
+	- license (1)
+	- macro (2)
+	- playbook (3)
+	- resource (1)
+	- searchlibrary (70)
+	- template (2)

auditd/license/BSD 2-Clause.meta

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2026, Gravwell Inc
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

aws_cloudtrail/MANIFEST

@@ -2,7 +2,7 @@
 	"ID": "io.gravwell.aws_cloudtrail",
 	"Name": "AWS CloudTrail Detection Kit",
 	"Desc": "Provides tools, utilities, and detections to enable use of AWS CloudTrail logs.",
-	"Readme": "This kit is designed to provide an out-of-the-box experience for working with AWS CloudTrail logs.\n\n It provides the following utilities:\n - Queries\n- Detections\n- Stats\n- Dashboards\n- Actionables\n- Templates\n\nRefer to playbooks for implementation guides, and a kit overview for more detail on components.",
+	"Readme": "This kit is designed to provide an out-of-the-box experience for working with AWS CloudTrail logs.\n\nIt provides the following utilities:\n- Queries\n- Detections\n- Stats\n- Dashboards\n- Actionables\n- Templates\n\nRefer to playbooks for implementation guides, and a kit overview for more detail on components.\n\nThe CloudTrail kit is licensed is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/aws_cloudtrail).\n\n## Dependencies\n- Null\n\n## Changelog\n**1.0: Initial Release**\n- actionables (2)\n- dashboard (3)\n- file (3)\n- license (1)\n- macro (1)\n- playbook (3)\n- searchlibrary (66)\n- template (4)",
 	"Version": 1,
 	"MinVersion": {
 		"Major": 0,
@@ -16,9 +16,14 @@
 	},
 	"Icon": "1feb95d8-73a7-410b-93bc-105c48ba5dc3",
 	"Banner": "10e6bfe7-eccc-47c8-9e22-7147f39d9973",
-	"Cover": "10e6bfe7-eccc-47c8-9e22-7147f39d9973",
+	"Cover": "cc57efb0-2fa5-4101-8892-0fd278168185",
 	"Items": [
 		{
+            "Name": "BSD 2-Clause",
+            "Type": 10,
+            "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+        },
+        {
 			"Name": "c1806fba-6f21-48a9-9d5b-832ba2e04183",
 			"Type": 3,
 			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
@@ -402,6 +407,11 @@
 			"Name": "10e6bfe7-eccc-47c8-9e22-7147f39d9973",
 			"Type": 7,
 			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+		},
+				{
+			"Name": "cc57efb0-2fa5-4101-8892-0fd278168185",
+			"Type": 7,
+			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
 		},
 		{
 			"Name": "31fb0d26-2b71-4fe9-a7b1-995bf0d9139c",

aws_cloudtrail/README.md

@@ -8,4 +8,20 @@ It provides the following utilities:
 - Actionables
 - Templates
 
-Refer to playbooks for implementation guides, and a kit overview for more detail on components.
+Refer to playbooks for implementation guides, and a kit overview for more detail on components.
+
+The CloudTrail kit is licensed is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/aws_cloudtrail).
+
+## Dependencies
+- Null
+
+## Changelog
+ **1.0: Initial Release**
+	- actionables (2)
+	- dashboard (3)
+	- file (3)
+	- license (1)
+	- macro (1)
+	- playbook (3)
+	- searchlibrary (66)
+	- template (4)

aws_cloudtrail/file/cc57efb0-2fa5-4101-8892-0fd278168185.meta

@@ -0,0 +1,8 @@
+{
+	"GUID": "10e6bfe7-eccc-47c8-9e22-7147f39d9973",
+	"Name": "cover file for kit build \"AWS CloudTrail v1\"",
+	"Desc": "",
+	"Labels": [
+		"Kit Build"
+	]
+}

aws_cloudtrail/license/BSD 2-Clause.meta

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2026, Gravwell Inc
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

aws_guardduty/MANIFEST

@@ -2,7 +2,7 @@
 	"ID": "io.gravwell.guardduty",
 	"Name": "AWS GuardDuty",
 	"Desc": "Provides tools and utilities to work with AWS GuardDuty logs",
-	"Readme": "This kit is designed to provide an out-of-the-box experience for reviewing AWS GuardDuty findings.\n\nIt provides the following utilities:\n- Queries\n- Dashboards\n\nRefer to playbooks for implementation guides, and a kit overview for more detail on components.",
+	"Readme": "This kit is designed to provide an out-of-the-box experience for reviewing AWS GuardDuty findings.\n\nIt provides the following utilities:\n- Queries\n- Dashboards\n\nRefer to playbooks for implementation guides, and a kit overview for more detail on components.\n\nThe Auditd Kit is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/aws_guardduty).\n\n## Dependencies\n- Null\n\n## Changelog\n**1.0: Initial Release**\n- dashboard (2)\n- file (3)\n- license (1)\n- macro (3)\n- playbook (3)\n- searchlibrary (9)",
 	"Version": 1,
 	"MinVersion": {
 		"Major": 0,
@@ -14,11 +14,16 @@
 		"Minor": 9,
 		"Point": 9
 	},
-	"Icon": "302756cb-c324-4858-b092-d0c8f2d83af6",
+	"Icon": "ea21fc3a-fdb1-4ad1-ba3a-658b18f2d41a",
 	"Banner": "ba4b2c14-3763-492d-9f32-cafa189bff0b",
 	"Cover": "302756cb-c324-4858-b092-d0c8f2d83af6",
 	"Items": [
 		{
+            "Name": "BSD 2-Clause",
+            "Type": 10,
+            "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+        },
+        {
 			"Name": "GUARDDUTY_ALERT",
 			"Type": 8,
 			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
@@ -88,6 +93,11 @@
 			"Type": 7,
 			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
 		},
+		{
+			"Name": "ea21fc3a-fdb1-4ad1-ba3a-658b18f2d41a",
+			"Type": 7,
+			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+		},
 		{
 			"Name": "ba4b2c14-3763-492d-9f32-cafa189bff0b",
 			"Type": 7,

aws_guardduty/README.md

@@ -5,4 +5,18 @@ It provides the following utilities:
 - Queries
 - Dashboards
 
-Refer to playbooks for implementation guides, and a kit overview for more detail on components.
+Refer to playbooks for implementation guides, and a kit overview for more detail on components.
+
+The Auditd Kit is licensed under the BSD 2-Clause license and the contents are available on [Github](https://github.com/gravwell/kits/tree/main/aws_guardduty).
+
+## Dependencies
+- Null
+
+## Changelog
+ **1.0: Initial Release**
+	- dashboard (2)
+	- file (3)
+	- license (1)
+	- macro (3)
+	- playbook (3)
+	- searchlibrary (9)

aws_guardduty/file/ea21fc3a-fdb1-4ad1-ba3a-658b18f2d41a.meta

@@ -0,0 +1,6 @@
+{
+	"GUID": "ea21fc3a-fdb1-4ad1-ba3a-658b18f2d41a",
+	"Name": "GuardDuty Icon",
+	"Desc": "",
+	"Labels": null
+}

aws_guardduty/license/BSD 2-Clause.meta

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2026, Gravwell Inc
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

barracuda/MANIFEST

@@ -19,6 +19,10 @@
 	"Cover": "65c51746-4590-4451-9c8e-f0ea7275fa95",
 	"Items": [
 		{
+			"Name": "BSD 2-Clause",
+			"Type": 10,
+			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+		},		{
 			"Name": "barracuda-lookup-spyware_type",
 			"Type": 1,
 			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"

barracuda/license/BSD 2-Clause.meta

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2026, Gravwell Inc
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

corelight/MANIFEST

@@ -6,7 +6,7 @@
 	"MinVersion": {
 		"Major": 5,
 		"Minor": 4,
-		"Point": 2 
+		"Point": 2
 	},
 	"MaxVersion": {
 		"Major": 5,
@@ -17,6 +17,11 @@
 	"Banner": "dcf4a811-d1a1-4db5-9399-ff3934b19e13",
 	"Cover": "b48104e6-5206-4f0a-99ba-fb23c1534853",
 	"Items": [
+		{
+			"Name": "BSD 2-Clause",
+			"Type": 10,
+			"Hash": "0000000000000000000000000000000000000000000000000000000000000000"
+		},
 		{
 			"Name": "36e50b20-9679-4285-a4a4-69da6d94de5e",
 			"Type": 6,
@@ -106,7 +111,7 @@
                         "Name": "1bc67d4c-ec04-4a94-a559-e443c7b02204",
                         "Type": 3,
                         "Hash": "0000000000000000000000000000000000000000000000000000000000000000"
-                },		
+                },
 		{
 			"Name": "c22c294a-2eb3-4d1b-be1a-3ea8b076e3e0",
 			"Type": 3,

corelight/license/BSD 2-Clause.meta

@@ -0,0 +1,25 @@
+BSD 2-Clause License
+
+Copyright (c) 2026, Gravwell Inc
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.