CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-26 01:43:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add s7comm_upload_download references in various places

Browse Source
This commit is contained in:
Wes
2022-11-29 19:58:18 +00:00
parent 6fe2857ba5
commit 5db3e22363
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/soc/files/soc/hunt.eventfields.json
View File

@@ -99,6 +99,8 @@
"::profinet_dce_rpc": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "profinet.operation", "log.id.uid" ],
"::s7comm": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "s7.ros.control.name", "s7.function.name", "log.id.uid" ],
"::s7comm_plus": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "s7.opcode.name", "s7.version", "log.id.uid" ],
"::s7comm_read_szl": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "s7.szl_id_name", "s7.return_code_name", "log.id.uid" ],
"::s7comm_upload_download": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "s7.ros.control.name", "s7.function_code", "log.id.uid" ],
"::tds": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "tds.command", "log.id.uid", "event.dataset" ],
"::tds_rpc": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "tds.procedure_name", "log.id.uid", "event.dataset" ],
"::tds_sql_batch": ["soc_timestamp", "source.ip", "source.port", "destination.ip", "destination.port", "tds.header_type", "log.id.uid", "event.dataset" ]