CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

add opcua_binary_activate_session_diagnostic_info to hunt.eventfields.json

Browse Source
This commit is contained in:
Doug Burks
2022-11-25 17:47:41 -05:00
committed by GitHub
parent 13c8fb0004
commit 00078fd9e5
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/soc/files/soc/hunt.eventfields.json
View File

@@ -75,6 +75,7 @@
"::modbus_detailed": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "modbus.function", "log.id.uid" ],
"::opcua_binary": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "opcua.identifier_string", "opcua.message_type", "log.id.uid" ],
"::opcua_binary_activate_session": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "opcua.identifier_string", "opcua.user_name", "log.id.uid" ],
"::opcua_binary_activate_session_diagnostic_info": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "opcua.activate_session_diag_info.link_id", "opcua.diag_info.link_id", "log.id.uid" ],
"::opcua_binary_activate_session_locale_id": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "opcua.local_id", "opcua.locale.link_id", "log.id.uid" ],
"::opcua_binary_browse": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "opcua.link_id", "opcua.service_type", "log.id.uid" ],
"::opcua_binary_browse_description": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "log.id.uid" ],