update geoip country descriptions

2025-12-06 17:22:49 +01:00 · 2020-05-18 10:27:03 -04:00
parent 028d84b805
commit 00f6e8d61b
1 changed files with 2 additions and 2 deletions
--- a/salt/soc/files/soc/soc.json
+++ b/salt/soc/files/soc/soc.json
@@ -96,8 +96,8 @@
          { "name": "Zeek Notice", "description": "Show notices from Zeek", "query": "event.module:zeek AND event.dataset:notice | groupby notice.note notice.message"},
          { "name": "Connections", "description": "Connections grouped by IP and Port", "query": "event.module:zeek AND event.dataset:conn | groupby source.ip destination.ip network.protocol destination.port"},
          { "name": "Connections", "description": "Connections grouped by Service", "query": "event.module:zeek AND event.dataset:conn | groupby network.protocol destination.port"},
-          { "name": "Connections", "description": "Connections grouped by destination Geo", "query": "event.module:zeek AND event.dataset:conn | groupby destination.geo.country_name"},
+          { "name": "Connections", "description": "Connections grouped by destination country", "query": "event.module:zeek AND event.dataset:conn | groupby destination.geo.country_name"},
-          { "name": "Connections", "description": "Connections grouped by source Geo", "query": "event.module:zeek AND event.dataset:conn | groupby source.geo.country_name"},
+          { "name": "Connections", "description": "Connections grouped by source country", "query": "event.module:zeek AND event.dataset:conn | groupby source.geo.country_name"},
          { "name": "DCE_RPC", "description": "DCE_RPC grouped by operation", "query": "event.module:zeek AND event.dataset:dce_rpc | groupby operation"},
          { "name": "DHCP", "description": "DHCP leases", "query": "event.module:zeek AND event.dataset:dhcp | groupby host.hostname host.domain dhcp.requested_address"},
          { "name": "DHCP", "description": "DHCP grouped by message type", "query": "event.module:zeek AND event.dataset:dhcp | groupby message_types"},