Educause Security Discussion mailing list archives
FW: SECURITY Digest - 25 Jan 2019 to 28 Jan 2019 (#2019-13)
From: "Garmon, Joel" <JSG () PITT EDU>
Date: Tue, 29 Jan 2019 12:41:05 +0000
Consider using and contributing
The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.
-----Original Message-----
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of SECURITY
automatic digest system
Sent: Tuesday, January 29, 2019 12:02 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: SECURITY Digest - 25 Jan 2019 to 28 Jan 2019 (#2019-13)
There are 7 messages totalling 1377 lines in this issue.
Topics of the day:
1. REN-ISAC TAG Service Announcement: O365 Community Scripts Repository (2)
2. [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365
Community Scripts Repository (2)
3. Google IR scripts, was Re: [SECURITY] [EXTERNAL] Re: [SECURITY] REN-ISAC
TAG Service Announcement: O365 Community Scripts Repository (3)
----------------------------------------------------------------------
Date: Mon, 28 Jan 2019 20:45:38 +0000
From: "Manjak, Martin" <mmanjak () ALBANY EDU>
Subject: REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
Greetings Everyone;
The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.
In addition to the scripts, here's some of the information you will find on the site:
o A description of the different types of O365 logs available by license tier.
o How and what tools can be used to pull those logs.
o How to export those logs to external tools (e.g., SIEM).
o A collection of tested, production scripts from REN-ISAC members.
This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE
repository) to sustain and increase the value of this open source resource.
Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to
CONTRIBUTING.md[3] for details.
Scripts currently published include:
+ MessageTraceLogGatherer
+ O365_Clear_Forwarding
+ O365_Find_Forwarding_Duplicates
+ O365_Get_InboxRules
+ O365_Get_Last_PW_Reset
+ O365_Get_Mailbox_Forwarding
+ O365_Get_Message_Trace
Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via tag-comment ()
lists ren-isac net<mailto:tag-comment () lists ren-isac net>.
======================
[1]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=r4dn6MMnswvCOP21IUok%2FJmxISTx5kpQ7hk1BiG%2FKdg%3D&reserved=0
[2]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=LJOEtrVYPP3hA%2Bn7o%2BgRf6kgB%2FCLrW3wXiSHf0nRMyk%3D&reserved=0
[3]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=IeJOSefD8nIAsfkaC57ir9aGEntgpOYkvsH2eQFAwBs%3D&reserved=0
Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu<mailto:mmanjak () albany edu>
------------------------------
Date: Mon, 28 Jan 2019 22:07:48 +0000
From: Stephen Fugale <stephen.fugale () VILLANOVA EDU>
Subject: Re: REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
We need milk
Stephen Fugale
Vice President &
Chief Information Officer
Villanova University
On Jan 28, 2019, at 3:45 PM, Manjak, Martin <mmanjak () albany edu<mailto:mmanjak () albany edu>> wrote:
Greetings Everyone;
The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.
In addition to the scripts, here's some of the information you will find on the site:
o A description of the different types of O365 logs available by license tier.
o How and what tools can be used to pull those logs.
o How to export those logs to external tools (e.g., SIEM).
o A collection of tested, production scripts from REN-ISAC members.
This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE
repository) to sustain and increase the value of this open source resource.
Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to
CONTRIBUTING.md[3] for details.
Scripts currently published include:
+ MessageTraceLogGatherer
+ O365_Clear_Forwarding
+ O365_Find_Forwarding_Duplicates
+ O365_Get_InboxRules
+ O365_Get_Last_PW_Reset
+ O365_Get_Mailbox_Forwarding
+ O365_Get_Message_Trace
Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via tag-comment ()
lists ren-isac net<mailto:tag-comment () lists ren-isac net>.
======================
[1]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=r4dn6MMnswvCOP21IUok%2FJmxISTx5kpQ7hk1BiG%2FKdg%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=r4dn6MMnswvCOP21IUok%2FJmxISTx5kpQ7hk1BiG%2FKdg%3D&reserved=0>
[2]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=LJOEtrVYPP3hA%2Bn7o%2BgRf6kgB%2FCLrW3wXiSHf0nRMyk%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=LJOEtrVYPP3hA%2Bn7o%2BgRf6kgB%2FCLrW3wXiSHf0nRMyk%3D&reserved=0>
[3]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=IeJOSefD8nIAsfkaC57ir9aGEntgpOYkvsH2eQFAwBs%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=IeJOSefD8nIAsfkaC57ir9aGEntgpOYkvsH2eQFAwBs%3D&reserved=0>
Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu<mailto:mmanjak () albany edu>
------------------------------
Date: Mon, 28 Jan 2019 22:24:21 +0000
From: "Jimenez, Julio" <jjimene2 () UNCFSU EDU>
Subject: Re: [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
I'll get some on the way home, anything else?
Julio Jim?nez
OSCP OSWP CEH CNDA PCCSA
Information Security Officer
Information Technology Services
Fayetteville State University
910 672 2988
jjimenez () unsfu edu
________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Stephen Fugale
<stephen.fugale () VILLANOVA EDU>
Sent: Monday, January 28, 2019 5:07:48 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
We need milk
Stephen Fugale
Vice President &
Chief Information Officer
Villanova University
On Jan 28, 2019, at 3:45 PM, Manjak, Martin <mmanjak () albany edu<mailto:mmanjak () albany edu>> wrote:
Greetings Everyone;
The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.
In addition to the scripts, here's some of the information you will find on the site:
o A description of the different types of O365 logs available by license tier.
o How and what tools can be used to pull those logs.
o How to export those logs to external tools (e.g., SIEM).
o A collection of tested, production scripts from REN-ISAC members.
This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE
repository) to sustain and increase the value of this open source resource.
Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to
CONTRIBUTING.md[3] for details.
Scripts currently published include:
+ MessageTraceLogGatherer
+ O365_Clear_Forwarding
+ O365_Find_Forwarding_Duplicates
+ O365_Get_InboxRules
+ O365_Get_Last_PW_Reset
+ O365_Get_Mailbox_Forwarding
+ O365_Get_Message_Trace
Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via tag-comment ()
lists ren-isac net<mailto:tag-comment () lists ren-isac net>.
======================
[1]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=r4dn6MMnswvCOP21IUok%2FJmxISTx5kpQ7hk1BiG%2FKdg%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=r4dn6MMnswvCOP21IUok%2FJmxISTx5kpQ7hk1BiG%2FKdg%3D&reserved=0>
[2]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=LJOEtrVYPP3hA%2Bn7o%2BgRf6kgB%2FCLrW3wXiSHf0nRMyk%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500364118&sdata=LJOEtrVYPP3hA%2Bn7o%2BgRf6kgB%2FCLrW3wXiSHf0nRMyk%3D&reserved=0>
[3]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=Z342Qv514wXY4SREfA844Jbsr1knPIX4o2fgLHxG5jY%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=Z342Qv514wXY4SREfA844Jbsr1knPIX4o2fgLHxG5jY%3D&reserved=0>
Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu<mailto:mmanjak () albany edu>
------------------------------
Date: Mon, 28 Jan 2019 22:27:40 +0000
From: "Hart, Michael" <mhart20 () MSUDENVER EDU>
Subject: Re: [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
1,200 in iTunes gift cards, please.
I in a meeting so I cannot converse right now. send me pictures of the back of the cards. company reimburse you later.
Kindest regards,
<Your Boss>
<Contact number scraped from website>
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Jimenez, Julio
Sent: Monday, January 28, 2019 3:24 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
I'll get some on the way home, anything else?
Julio Jiménez
OSCP OSWP CEH CNDA PCCSA
Information Security Officer
Information Technology Services
Fayetteville State University
910 672 2988
jjimenez () unsfu edu<mailto:jjimenez () unsfu edu>
________________________________
From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV
EDUCAUSE EDU>> on behalf of Stephen Fugale <stephen.fugale () VILLANOVA EDU<mailto:stephen.fugale () VILLANOVA EDU>>
Sent: Monday, January 28, 2019 5:07:48 PM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository
We need milk
Stephen Fugale
Vice President &
Chief Information Officer
Villanova University
On Jan 28, 2019, at 3:45 PM, Manjak, Martin <mmanjak () albany edu<mailto:mmanjak () albany edu>> wrote:
Greetings Everyone;
The Technical Advisory Group (TAG), a standing REN-ISAC committee[1], is very pleased to announce a new service: A
public GitHub repository[2] of member-contributed O365 scripts for security incident analysis and response.
In addition to the scripts, here's some of the information you will find on the site:
o A description of the different types of O365 logs available by license tier.
o How and what tools can be used to pull those logs.
o How to export those logs to external tools (e.g., SIEM).
o A collection of tested, production scripts from REN-ISAC members.
This project is intended to encourage further community-of-practice collaborations and contributions (e.g., a GAFE
repository) to sustain and increase the value of this open source resource.
Participation
Contributions are welcome, whether new scripts, documentation, or improvements to existing work. Refer to
CONTRIBUTING.md[3] for details.
Scripts currently published include:
+ MessageTraceLogGatherer
+ O365_Clear_Forwarding
+ O365_Find_Forwarding_Duplicates
+ O365_Get_InboxRules
+ O365_Get_Last_PW_Reset
+ O365_Get_Mailbox_Forwarding
+ O365_Get_Message_Trace
Feedback and Proposals
Please share your thoughts about this service offering and submit proposals for similar projects via tag-comment ()
lists ren-isac net<mailto:tag-comment () lists ren-isac net>.
======================
[1]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=eqYgXVQl3qF74Knb%2BOvRRcXC46ktRI%2F%2Fkhk3eDfbWek%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ren-isac.net%2Fabout%2Fgovernance%2Ftag.html&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=eqYgXVQl3qF74Knb%2BOvRRcXC46ktRI%2F%2Fkhk3eDfbWek%3D&reserved=0>
[2]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=IZr6%2Fe5%2FNOtyE3J%2FBThaQlxbXRP%2BTnlj0kkFk9o1lgA%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=IZr6%2Fe5%2FNOtyE3J%2FBThaQlxbXRP%2BTnlj0kkFk9o1lgA%3D&reserved=0>
[3]
https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=Z342Qv514wXY4SREfA844Jbsr1knPIX4o2fgLHxG5jY%3D&reserved=0<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frenisac%2FO365-Management-and-Log-Scripts%2Fblob%2Fmaster%2FCONTRIBUTING.md&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=Z342Qv514wXY4SREfA844Jbsr1knPIX4o2fgLHxG5jY%3D&reserved=0>
Martin Manjak, CISSP
Chief Information Security Officer
Information Technology Services
University at Albany
1400 Washington Ave., ITB 102F
Albany, NY 12222
518/442-6411
mmanjak () albany edu<mailto:mmanjak () albany edu>
------------------------------
Date: Mon, 28 Jan 2019 17:31:05 -0500
From: Kevin Wilcox <wilcoxkm () APPSTATE EDU>
Subject: Google IR scripts, was Re: [SECURITY] [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365
Community Scripts Repository
On Mon, 28 Jan 2019 at 17:24, Jimenez, Julio < 000000b369504993-dmarc-request () listserv educause edu> wrote:
I'll get some on the way home, anything else?
Some haggis and blood pudding would be amazing, thanks =) On a serious note (not that haggis and blood pudding aren't serious business), is the community interested in a Google equivalent of some of these? I maintain: https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fkevinwilcox%2Fpython-google-api&data=02%7C01%7Cjsg%40PITT.EDU%7C1a970f96f1f54dbd3bfe08d685a6f649%7C9ef9f489e0a04eeb87cc3a526112fd0d%7C1%7C0%7C636843349500520362&sdata=TKBQ7aWTjN8suQWAHvjdkwrAR5Mf6%2FCGcEBGYsGe2fQ%3D&reserved=0 where I have some more "hands-on" stuff written (they're written as people ask for them or I need to use them in my personal domains - I don't have tokens with the necessary scopes to write them at App, hence being available and via 3-BSD). The only folks I know using them have either been other RI schools and some orgs I know through SANS but if anyone in a Google school doesn't want to use GAM and wants something specific, the Google APIs are pretty straightforward and I enjoy the weekend/late night projects. kmw ------------------------------ Date: Mon, 28 Jan 2019 18:21:47 -0500 From: Valdis Kletnieks <valdis.kletnieks () VT EDU> Subject: Re: Google IR scripts, was Re: [SECURITY] [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository On Mon, 28 Jan 2019 17:31:05 -0500, Kevin Wilcox said:
Some haggis and blood pudding would be amazing, thanks =) On a serious note (not that haggis and blood pudding aren't serious business), is the community interested in a Google equivalent of some of these?
What is the Google equivalent of haggis? ------------------------------ Date: Tue, 29 Jan 2019 01:43:01 +0000 From: Kevin Wilcox <wilcoxkm () APPSTATE EDU> Subject: Re: Google IR scripts, was Re: [SECURITY] [EXTERNAL] Re: [SECURITY] REN-ISAC TAG Service Announcement: O365 Community Scripts Repository On Mon, 28 Jan 2019 at 23:21, Valdis Kletnieks <valdis.kletnieks () vt edu> wrote:
On Mon, 28 Jan 2019 17:31:05 -0500, Kevin Wilcox said:On a serious note (not that haggis and blood pudding aren't serious business), is the community interested in a Google equivalent of some of these?What is the Google equivalent of haggis?
A TeamDrive create log, a Drive file permission change log and a token usage log all wrapped in their version of JSON, shipped via syslog, boiled in a Splunk forwarder and presented with at-read attempts at enrichment? =) Given I'm a massive fan of Scottish cuisine, that's a bit unfair to the haggis... kmw ------------------------------ End of SECURITY Digest - 25 Jan 2019 to 28 Jan 2019 (#2019-13) **************************************************************
Current thread:
- FW: SECURITY Digest - 25 Jan 2019 to 28 Jan 2019 (#2019-13) Garmon, Joel (Jan 29)