mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-07 09:42:46 +01:00
Merge pull request #12938 from Security-Onion-Solutions/dougburks-patch-1
FEATURE: Add Events table columns for tunnel logs #12937
This commit is contained in:
Doug Burks
GitHub
@@ -502,16 +502,15 @@ soc:
|
|||||||
- syslog.severity
|
- syslog.severity
|
||||||
- log.id.uid
|
- log.id.uid
|
||||||
- event.dataset
|
- event.dataset
|
||||||
'::tunnels':
|
'::tunnel':
|
||||||
- soc_timestamp
|
- soc_timestamp
|
||||||
|
- event.dataset
|
||||||
- source.ip
|
- source.ip
|
||||||
- source.port
|
- source.port
|
||||||
- destination.ip
|
- destination.ip
|
||||||
- destination.port
|
- destination.port
|
||||||
- tunnel_type
|
- event.action
|
||||||
- action
|
- tunnel.type
|
||||||
- log.id.uid
|
|
||||||
- event.dataset
|
|
||||||
'::weird':
|
'::weird':
|
||||||
- soc_timestamp
|
- soc_timestamp
|
||||||
- source.ip
|
- source.ip
|
||||||
|
|||||||
Reference in New Issue
Block a user