CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

add endpoint_x_events_x_process to defaults.yaml

Browse Source
This commit is contained in:
Doug Burks
2024-02-23 14:03:04 -05:00
committed by GitHub
parent 1824d7b36d
commit b8baca417b
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
salt/soc/defaults.yaml
View File

@@ -995,6 +995,14 @@ soc:
- tds.header_type - tds.header_type
- log.id.uid - log.id.uid
- event.dataset - event.dataset
':endpoint:endpoint_x_events_x_process':
- soc_timestamp
- event.dataset
- host.name
- user.name
- process.parent.name
- process.name
- process.working_directory
server: server:
bindAddress: 0.0.0.0:9822 bindAddress: 0.0.0.0:9822
baseUrl: / baseUrl: /