CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-17 22:42:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

zeek ldap & ldap_search parsing

Browse Source 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
This commit is contained in:
reyesj2
2025-01-09 16:06:10 -06:00
parent 0e87351a9c
commit e60a1e4357
4 changed files with 149 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/elasticsearch/files/ingest/zeek.ldap_search Normal file
View File

@@ -0,0 +1,9 @@
{
"description":"zeek.ldap_search",
"processors":[
{"pipeline": {"name": "zeek.ldap", "ignore_missing_pipeline":true,"ignore_failure":true}},
{"set": {"field": "event.dataset", "value":"ldap_search"}},
{"remove": {"field": "tags", "ignore_missing":true}},
{"pipeline": {"name": "zeek.common"}}
]
}