CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Add Events table columns for tunnel logs #12937

Browse Source
This commit is contained in:
Doug Burks
2024-05-06 08:22:08 -04:00
committed by GitHub
parent 6d5ff59657
commit 7b905f5a94
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/soc/defaults.yaml
View File

@@ -502,16 +502,15 @@ soc:
- syslog.severity - syslog.severity
- log.id.uid - log.id.uid
- event.dataset - event.dataset
'::tunnels': '::tunnel':
- soc_timestamp - soc_timestamp
- event.dataset
- source.ip - source.ip
- source.port - source.port
- destination.ip - destination.ip
- destination.port - destination.port
- tunnel_type - event.action
- action - tunnel.type
- log.id.uid
- event.dataset
'::weird': '::weird':
- soc_timestamp - soc_timestamp
- source.ip - source.ip