securityonion/salt/filebeat/defaults.yaml
2023-01-06 14:27:40 -05:00


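# Defaults for the Filebeat Salt state (securityonion/salt/filebeat/defaults.yaml).
#
# NOTE(review): the nesting below is restored on the reading that
# `filebeat` and `config` are parent mappings. With every line at column 0,
# both would parse as null-valued top-level keys - confirm against the
# repository copy.
filebeat:
  config:
    # Zeek log types enabled by default. Presumably a log type missing from
    # this list is not collected - confirm against the state and templates
    # that read this key. Treat removals as a change in detection coverage
    # and review them accordingly.
    zeek_logs_enabled:
      # Logs written by a standard Zeek installation.
      - conn
      - dce_rpc
      - dhcp
      - dnp3
      - dns
      - dpd
      - files
      - ftp
      - http
      - intel
      - irc
      - kerberos
      - modbus
      - mysql
      - notice
      - ntlm
      - pe
      - radius
      - rfb
      - rdp
      - sip
      - smb_files
      - smb_mapping
      - smtp
      - snmp
      - socks
      - software
      - ssh
      - ssl
      - tunnel
      - weird
      - x509
      # Industrial control system (ICS/OT) protocol logs: BACnet, BSAP,
      # CIP / EtherNet/IP, COTP, DNP3, EtherCAT, Modbus, OPC UA, PROFINET
      # and S7comm. These matter only where such traffic is monitored,
      # but there they are the main source of protocol-level visibility.
      - bacnet
      - bacnet_discovery
      - bacnet_property
      - bsap_ip_header
      - bsap_ip_rdb
      - bsap_ip_unknown
      - bsap_serial_header
      - bsap_serial_rdb
      - bsap_serial_rdb_ext
      - bsap_serial_unknown
      - cip
      - cip_identity
      - cip_io
      - cotp
      - dnp3_control
      - dnp3_objects
      - ecat_aoe_info
      - ecat_coe_info
      - ecat_dev_info
      - ecat_foe_info
      - ecat_log_address
      - ecat_registers
      - ecat_soe_info
      - enip
      - modbus_detailed
      - modbus_mask_write_register
      - modbus_read_write_multiple_registers
      - opcua_binary
      - opcua_binary_activate_session
      - opcua_binary_activate_session_client_software_cert
      - opcua_binary_activate_session_diagnostic_info
      - opcua_binary_activate_session_locale_id
      - opcua_binary_browse
      - opcua_binary_browse_description
      - opcua_binary_browse_diagnostic_info
      - opcua_binary_browse_request_continuation_point
      - opcua_binary_browse_response_references
      - opcua_binary_browse_result
      - opcua_binary_create_session
      - opcua_binary_create_session_discovery
      - opcua_binary_create_session_endpoints
      - opcua_binary_create_session_user_token
      - opcua_binary_create_subscription
      - opcua_binary_diag_info_detail
      - opcua_binary_get_endpoints
      - opcua_binary_get_endpoints_description
      - opcua_binary_get_endpoints_discovery
      - opcua_binary_get_endpoints_locale_id
      - opcua_binary_get_endpoints_profile_uri
      - opcua_binary_get_endpoints_user_token
      - opcua_binary_opensecure_channel
      - opcua_binary_read
      - opcua_binary_read_array_dims
      - opcua_binary_read_array_dims_link
      - opcua_binary_read_diagnostic_info
      - opcua_binary_read_extension_object
      - opcua_binary_read_extension_object_link
      - opcua_binary_read_nodes_to_read
      - opcua_binary_read_results
      - opcua_binary_read_results_link
      - opcua_binary_read_status_code
      - opcua_binary_read_variant_data
      - opcua_binary_read_variant_data_link
      - opcua_binary_status_code_detail
      - profinet
      - profinet_dce_rpc
      - profinet_debug
      - s7comm
      - s7comm_plus
      - s7comm_read_szl
      - s7comm_upload_download
      # Other protocol logs: STUN, TDS (SQL Server wire protocol), WireGuard.
      - stun
      - stun_nat
      - tds
      - tds_rpc
      - tds_sql_batch
      - wireguard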