CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
6fbed2dd9f18d8d11ce5923cbe2187ecf015ecd4
securityonion/salt/elasticfleet/files/integrations/endpoints-initial/windows-defender.json
weslambert 3fa6c72620 Fix name change
2024-07-30 15:45:55 -04:00

30 lines
708 B
JSON
Raw Blame History

{
"package": {
"name": "winlog",
"version": ""
},
"name": "windows-defender",
"namespace": "default",
"description": "Windows Defender - Operational logs",
"policy_id": "endpoints-initial",
"inputs": {
"winlogs-winlog": {
"enabled": true,
"streams": {
"winlog.winlogs": {
"enabled": true,
"vars": {
"channel": "Microsoft-Windows-Windows Defender/Operational",
"data_stream.dataset": "winlog.winlog",
"preserve_original_event": false,
"providers": [],
"ignore_older": "72h",
"language": 0,
"tags": [] }
}
}
}
},
"force": true
}
Reference in New Issue View Git Blame Copy Permalink