CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix ics entries in so-functions

Browse Source
This commit is contained in:
Doug Burks
2022-11-25 09:19:11 -05:00
committed by GitHub
parent 40688a6076
commit 0afb20ffa8
1 changed files with 38 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
setup/so-functions
View File

@@ -2980,13 +2980,21 @@ zeek_logs_enabled() {
" - mysql"\ " - mysql"\
" - socks"\ " - socks"\
" - x509"\ " - x509"\
" - dnp3_objects"\
" - modbus_detailed"\
" - modbus_mask_write_single_register"\
" - modbus_read_write_multiple_registers"\
" - bacnet"\ " - bacnet"\
" - bacnet_discovery"\ " - bacnet_discovery"\
" - bacnet_property"\ " - bacnet_property"\
" - bsap_ip_header"\
" - bsap_ip_rdb"\
" - bsap_ip_unknown"\
" - bsap_serial_header"\
" - bsap_serial_rdb"\
" - bsap_serial_rdb_ext"\
" - bsap_serial_unknown"\
" - cip"\
" - cip_io"\
" - cip_identity"\
" - cotp"\
" - dnp3_objects"\
" - ecat_registers"\ " - ecat_registers"\
" - ecat_log_address"\ " - ecat_log_address"\
" - ecat_dev_info"\ " - ecat_dev_info"\
@@ -2996,47 +3004,46 @@ zeek_logs_enabled() {
" - ecat_soe_info"\ " - ecat_soe_info"\
" - ecat_arp_info"\ " - ecat_arp_info"\
" - enip"\ " - enip"\
" - cip"\ " - modbus_detailed"\
" - cip_io"\ " - modbus_mask_write_single_register"\
" - cip_identity"\ " - modbus_read_write_multiple_registers"\
" - opcua_binary"\ " - opcua_binary"\
" - opcua_binary_status_code_detail"\
" - opcua_binary_diag_info_detail"\
" - opcua_binary_get_endpoints"\
" - opcua_binary_get_endpoints_discovery"\
" - opcua_binary_get_endpoints_user_token"\
" - opcua_binary_get_endpoints_description"\
" - opcua_binary_get_endpoints_locale_id"\
" - opcua_binary_get_endpoints_profile_uri"\
" - opcua_binary_create_session"\
" - opcua_binary_create_session_user_token"\
" - opcua_binary_create_session_endpoints"\
" - opcua_binary_create_session_discovery"\
" - opcua_binary_activate_session"\ " - opcua_binary_activate_session"\
" - opcua_binary_activate_session_client_software_cert"\ " - opcua_binary_activate_session_client_software_cert"\
" - opcua_binary_activate_session_locale_id"\
" - opcua_binary_activate_session_diagnostic_info"\ " - opcua_binary_activate_session_diagnostic_info"\
" - opcua_binary_activate_session_locale_id"\
" - opcua_binary_browse"\ " - opcua_binary_browse"\
" - opcua_binary_browse_description"\ " - opcua_binary_browse_description"\
" - opcua_binary_browse_request_continuation_point"\
" - opcua_binary_browse_result"\
" - opcua_binary_browse_response_references"\
" - opcua_binary_browse_diagnostic_info"\ " - opcua_binary_browse_diagnostic_info"\
" - opcua_binary_browse_request_continuation_point"\
" - opcua_binary_browse_response_references"\
" - opcua_binary_browse_result"\
" - opcua_binary_create_session"\
" - opcua_binary_create_session_discovery"\
" - opcua_binary_create_session_endpoints"\
" - opcua_binary_create_session_user_token"\
" - opcua_binary_create_subscription"\ " - opcua_binary_create_subscription"\
" - opcua_binary_diag_info_detail"\
" - opcua_binary_get_endpoints"\
" - opcua_binary_get_endpoints_description"\
" - opcua_binary_get_endpoints_discovery"\
" - opcua_binary_get_endpoints_locale_id"\
" - opcua_binary_get_endpoints_profile_uri"\
" - opcua_binary_get_endpoints_user_token"\
" - opcua_binary_read"\ " - opcua_binary_read"\
" - cotp"\ " - opcua_binary_status_code_detail"\
" - profinet"\
" - profinet_dce_rpc"\
" - profinet_debug"\
" - s7comm"\ " - s7comm"\
" - s7comm_plus"\
" - s7comm_read_szl"\ " - s7comm_read_szl"\
" - s7comm_upload_download"\ " - s7comm_upload_download"\
" - s7comm_plus"\ " - stun"\
" - stun_nat"\
" - tds"\ " - tds"\
" - tds_rpc"\ " - tds_rpc"\
" - tds_sql_batch"\ " - tds_sql_batch"\
" - profinet_dce_rpc"\
" - profinet"\
" - profinet_debug"\
" - stun"\
" - stun_nat"\
" - wireguard" >> "$zeeklogs_pillar" " - wireguard" >> "$zeeklogs_pillar"
fi fi