Log rejected DICOM association attempts to Redis (#68) #84
Open
nishantxscooby wants to merge 7 commits into honeynet:v2.0 from
Add redis support for rejected association events
Add session collector method to log rejected associations
Expose record_rejected_assoc in ISessionCollector
Log all association attempts for security monitoring (fix honeynet#68)
Log all association attempts for security monitoring (fix honeynet#68)
Fix duplicate record_rejected_assoc and use Redis injection
Author
Implemented Redis logging for rejected DICOM association attempts.
Collaborator
@nishantxscooby will keep this open for v3.0, I will rebase on top of it and keep some of your changes to the logger
This PR logs rejected DICOM association attempts to Redis for forensic
analysis and threat intelligence correlation.
Security events are recorded at association negotiation time.
Redis key: dicom:events:assoc_rejected
Fields: timestamp, ip, calling_ae, called_ae, reason
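
The record described above, sketched as an added example (not code from this PR or the project). It builds the five listed fields and normalises the peer-supplied AE titles before they are stored. Assumptions: events are JSON strings appended to a Redis list with RPUSH, the `record_rejected_assoc` signature shown here, and the `FakeRedis` stand-in used so the block runs offline.

```python
import json
import re
from datetime import datetime, timezone

REDIS_KEY = "dicom:events:assoc_rejected"  # key named in the PR description
AE_MAX = 16  # DICOM AE titles are at most 16 characters


def clean_ae(raw):
    """Normalise a peer-supplied AE title before it is logged."""
    if isinstance(raw, bytes):
        raw = raw.decode("ascii", errors="replace")
    # Anything outside printable ASCII (CR, LF, NUL, ...) becomes '?', so a
    # crafted title cannot split or forge entries for downstream log readers.
    text = re.sub(r"[^\x20-\x7e]", "?", raw)
    return text.strip()[:AE_MAX]  # drop space padding, enforce the length cap


def build_event(ip, calling_ae, called_ae, reason, now=None):
    """Build the record with the fields listed in the PR description."""
    now = now or datetime.now(timezone.utc)
    return {
        "timestamp": now.isoformat(),
        "ip": ip,
        "calling_ae": clean_ae(calling_ae),
        "called_ae": clean_ae(called_ae),
        "reason": reason,
    }


def record_rejected_assoc(client, ip, calling_ae, called_ae, reason, now=None):
    """Append one event; list storage and this signature are assumptions."""
    event = build_event(ip, calling_ae, called_ae, reason, now)
    client.rpush(REDIS_KEY, json.dumps(event))
    return event


class FakeRedis:
    """Constructed stand-in exposing only rpush, so the example runs offline."""
    def __init__(self):
        self.lists = {}

    def rpush(self, key, *values):
        self.lists.setdefault(key, []).extend(values)
        return len(self.lists[key])


if __name__ == "__main__":
    client = FakeRedis()  # constructed sample input below
    record_rejected_assoc(client, "203.0.113.7", b"SCAN\r\nAE", "ORTHANC ", "called AE not recognised")
    print(client.lists[REDIS_KEY])
```

With a real redis-py client, `rpush` takes the same arguments; the stored titles are safe to render in a dashboard or forward to a SIEM without further escaping of control characters.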