CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update defaults.yaml

Browse Source
This commit is contained in:
Doug Burks
2023-12-14 13:30:52 -05:00
committed by GitHub
parent 042e5ae9f0
commit 8779fb8cbc
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
salt/soc/defaults.yaml
View File

@@ -470,6 +470,18 @@ soc:
- rule.action - rule.action
- rule.reason - rule.reason
- network.community_id - network.community_id
':pfsense:':
- soc_timestamp
- source.ip
- source.port
- destination.ip
- destination.port
- network.transport
- network.direction
- observer.ingress.interface.name
- event.action
- event.reason
- network.community_id
':osquery:': ':osquery:':
- soc_timestamp - soc_timestamp
- source.ip - source.ip