CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 19:22:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

FEATURE: Add SOC default fields for iptables logs #14836

Browse Source
This commit is contained in:
Doug Burks
2025-07-14 12:04:46 -04:00
committed by GitHub
parent 3108556495
commit f8108e93d5
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
salt/soc/defaults.yaml
View File

@@ -1336,6 +1336,13 @@ soc:
- soc.fields.statusCode
- event.action
- soc.fields.error
':iptables:':
- soc_timestamp
- source.ip
- source.port
- destination.ip
- destination.port
- message
server:
bindAddress: 0.0.0.0:9822
baseUrl: /