Remove OSSEC configuration

weslambert
2023-08-21 11:20:47 -04:00
committed by GitHub
parent 708a681ed9
commit 9e18fe64cf


@@ -474,19 +474,6 @@ soc:
- event.dataset
- process.executable
- user.name
':ossec:':
- soc_timestamp
- source.ip
- source.port
- destination.ip
- destination.port
- rule.name
- rule.level
- rule.category
- process.name
- user.name
- user.escalated
- location
':strelka:file':
- soc_timestamp
- file.name
@@ -523,28 +510,6 @@ soc:
- message
- kibana.log.meta.req.headers.x-real-ip
- event.dataset
'::rootcheck':
- soc_timestamp
- host.name
- metadata.ip_address
- log.full
- event.dataset
- event.module
'::ossec':
- soc_timestamp
- host.name
- metadata.ip_address
- log.full
- event.dataset
- event.module
'::syscollector':
- soc_timestamp
- host.name
- metadata.ip_address
- wazuh.data.type
- log.full
- event.dataset
- event.module
':syslog:syslog':
- soc_timestamp
- host.name
@@ -1621,21 +1586,6 @@ soc:
- rule.uuid
- rule.category
- rule.rev
':ossec:':
- soc_timestamp
- rule.name
- event.severity_label
- source.ip
- source.port
- destination.ip
- destination.port
- rule.level
- rule.category
- process.name
- user.name
- user.escalated
- location
- process.name
queryBaseFilter: tags:alert
queryToggleFilters:
- name: acknowledged