CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Add Events table columns for event.module strelka #12716

Browse Source
This commit is contained in:
Doug Burks
2024-04-02 10:11:16 -04:00
committed by GitHub
parent 55e71c867c
commit b2b54ccf60
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/soc/defaults.yaml
View File

@@ -1894,6 +1894,15 @@ soc:
- event_data.destination.port - event_data.destination.port
- event_data.process.executable - event_data.process.executable
- event_data.process.pid - event_data.process.pid
':strelka:':
- soc_timestamp
- file.name
- file.size
- hash.md5
- file.source
- file.mime_type
- log.id.fuid
- event.dataset
queryBaseFilter: tags:alert queryBaseFilter: tags:alert
queryToggleFilters: queryToggleFilters:
- name: acknowledged - name: acknowledged