CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6878 from Security-Onion-Solutions/fix/scan_pe_sections_entropy

Browse Source 
Fix/scan pe sections entropy
This commit is contained in:
Mike Reeves
2022-01-14 17:02:32 -05:00
committed by GitHub
parent a63787daba c512351dd6
commit 71da74fd00
2 changed files with 32 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
salt/elasticsearch/templates/so/so-case-template.json.jinja
View File

@@ -244,6 +244,26 @@
"message": {
"type": "text"
},
"scan":{
"type":"object",
"dynamic": true,
"properties":{
"exiftool":{
"type":"text"
},
"pe":{
"properties":{
"sections":{
"properties":{
"entropy":{
"type": "float"
}
}
}
}
}
}
},
"tags": {
"type": "keyword",
"ignore_above": 1024

13
salt/elasticsearch/templates/so/so-common-template.json.jinja
View File

@@ -734,7 +734,18 @@
"properties":{
"exiftool":{
"type":"text"
}
},
"pe":{
"properties":{
"sections":{
"properties":{
"entropy":{
"type": "float"
}
}
}
}
}
}
},
"server":{