CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6878 from Security-Onion-Solutions/fix/scan_pe_sections_entropy

Browse Source 
Fix/scan pe sections entropy
This commit is contained in:
Mike Reeves
2022-01-14 17:02:32 -05:00
committed by GitHub
parent a63787daba c512351dd6
commit 71da74fd00
2 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
salt/elasticsearch/templates/so/so-case-template.json.jinja
View File

@@ -244,6 +244,26 @@
"message": { "message": {
"type": "text" "type": "text"
}, },
"scan":{
"type":"object",
"dynamic": true,
"properties":{
"exiftool":{
"type":"text"
},
"pe":{
"properties":{
"sections":{
"properties":{
"entropy":{
"type": "float"
}
}
}
}
}
}
},
"tags": { "tags": {
"type": "keyword", "type": "keyword",
"ignore_above": 1024 "ignore_above": 1024

11
salt/elasticsearch/templates/so/so-common-template.json.jinja
View File

@@ -734,6 +734,17 @@
"properties":{ "properties":{
"exiftool":{ "exiftool":{
"type":"text" "type":"text"
},
"pe":{
"properties":{
"sections":{
"properties":{
"entropy":{
"type": "float"
}
}
}
}
} }
} }
}, },