Remove OSSEC configuration

weslambert
2023-08-21 11:20:47 -04:00
committed by GitHub
parent 708a681ed9
commit 9e18fe64cf
-50
@@ -474,19 +474,6 @@ soc:
- event.dataset - event.dataset
- process.executable - process.executable
- user.name - user.name
':ossec:':
- soc_timestamp
- source.ip
- source.port
- destination.ip
- destination.port
- rule.name
- rule.level
- rule.category
- process.name
- user.name
- user.escalated
- location
':strelka:file': ':strelka:file':
- soc_timestamp - soc_timestamp
- file.name - file.name
@@ -523,28 +510,6 @@ soc:
- message - message
- kibana.log.meta.req.headers.x-real-ip - kibana.log.meta.req.headers.x-real-ip
- event.dataset - event.dataset
'::rootcheck':
- soc_timestamp
- host.name
- metadata.ip_address
- log.full
- event.dataset
- event.module
'::ossec':
- soc_timestamp
- host.name
- metadata.ip_address
- log.full
- event.dataset
- event.module
'::syscollector':
- soc_timestamp
- host.name
- metadata.ip_address
- wazuh.data.type
- log.full
- event.dataset
- event.module
':syslog:syslog': ':syslog:syslog':
- soc_timestamp - soc_timestamp
- host.name - host.name
@@ -1621,21 +1586,6 @@ soc:
- rule.uuid - rule.uuid
- rule.category - rule.category
- rule.rev - rule.rev
':ossec:':
- soc_timestamp
- rule.name
- event.severity_label
- source.ip
- source.port
- destination.ip
- destination.port
- rule.level
- rule.category
- process.name
- user.name
- user.escalated
- location
- process.name
queryBaseFilter: tags:alert queryBaseFilter: tags:alert
queryToggleFilters: queryToggleFilters:
- name: acknowledged - name: acknowledged