CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-03-02 02:45:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8408a53b82f4b269f330cbcb08c4ec3e8e53da9e
securityonion/salt/elasticsearch/templates/component/elastic-agent
History
reyesj2 157185c370 add ti_opencti integration support
2024-12-18 11:33:49 -06:00
..
logs-1password.item_usages@custom.json
logs-1password.signin_attempts@custom.json
logs-apache.access@custom.json
logs-apache.error@custom.json
logs-auditd.log@custom.json
logs-auth0.logs@custom.json
logs-aws.cloudfront_logs@custom.json
logs-aws.cloudtrail@custom.json
logs-aws.cloudwatch_logs@custom.json
logs-aws.ec2_logs@custom.json
logs-aws.elb_logs@custom.json
logs-aws.firewall_logs@custom.json
logs-aws.guardduty@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-aws.inspector@custom.json
logs-aws.route53_public_logs@custom.json
logs-aws.route53_resolver_logs@custom.json
logs-aws.s3access@custom.json
logs-aws.securityhub_findings@custom.json
logs-aws.securityhub_insights@custom.json
logs-aws.vpcflow@custom.json
logs-aws.waf@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-azure.activitylogs@custom.json
logs-azure.application_gateway@custom.json
logs-azure.auditlogs@custom.json
logs-azure.eventhub@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-azure.firewall_logs@custom.json
logs-azure.identity_protection@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-azure.platformlogs@custom.json
logs-azure.provisioning@custom.json
logs-azure.signinlogs@custom.json
logs-azure.springcloudlogs@custom.json
logs-barracuda_cloudgen_firewall.log@custom.json
logs-barracuda.waf@custom.json
logs-carbonblack_edr.log@custom.json
logs-cef.log@custom.json
logs-checkpoint.firewall@custom.json
logs-cisco_asa.log@custom.json
logs-cisco_duo.admin@custom.json
logs-cisco_duo.auth@custom.json
logs-cisco_duo.offline_enrollment@custom.json
logs-cisco_duo.summary@custom.json
logs-cisco_duo.telephony@custom.json
logs-cisco_ftd.log@custom.json
logs-cisco_ios.log@custom.json
logs-cisco_ise.log@custom.json
logs-cisco_meraki.events@custom.json
logs-cisco_meraki.log@custom.json
logs-cisco_secure_email_gateway.log@custom.json
logs-cisco_umbrella.log@custom.json
logs-citrix_adc.interface@custom.json
logs-citrix_adc.lbvserver@custom.json
logs-citrix_adc.service@custom.json
logs-citrix_adc.system@custom.json
logs-citrix_adc.vpn@custom.json
logs-citrix_waf.log@custom.json
logs-cloudflare.audit@custom.json
logs-cloudflare.logpull@custom.json
logs-crowdstrike.alert@custom.json
logs-crowdstrike.falcon@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-crowdstrike.fdr@custom.json
logs-crowdstrike.host@custom.json
logs-darktrace.ai_analyst_alert@custom.json
logs-darktrace.model_breach_alert@custom.json
logs-darktrace.system_status_alert@custom.json
logs-elastic_agent.apm_server@custom.json
logs-elastic_agent.auditbeat@custom.json
logs-elastic_agent.cloudbeat@custom.json
logs-elastic_agent.endpoint_security@custom.json
logs-elastic_agent.filebeat@custom.json
logs-elastic_agent.fleet_server@custom.json
logs-elastic_agent.heartbeat@custom.json
logs-elastic_agent.metricbeat@custom.json
logs-elastic_agent.osquerybeat@custom.json
logs-elastic_agent.packetbeat@custom.json
logs-elastic_agent@custom.json
logs-elastic_agent@package.json
logs-endpoint.alerts@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-endpoint.diagnostic.collection@custom.json
logs-endpoint.diagnostic.collection@package.json
logs-endpoint.events.api@custom.json
logs-endpoint.events.file@custom.json
logs-endpoint.events.library@custom.json
logs-endpoint.events.network@custom.json
logs-endpoint.events.process@custom.json
logs-endpoint.events.registry@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-endpoint.events.security@custom.json
logs-f5_bigip.log@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-fim.event@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-fireeye.nx@custom.json
logs-fortinet_fortigate.log@custom.json
logs-fortinet.clientendpoint@custom.json
logs-fortinet.firewall@custom.json
logs-fortinet.fortimail@custom.json
logs-fortinet.fortimanager@custom.json
logs-gcp.audit@custom.json
logs-gcp.dns@custom.json
logs-gcp.firewall@custom.json
logs-gcp.loadbalancing_logs@custom.json
logs-gcp.vpcflow@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-github.audit@custom.json
logs-github.code_scanning@custom.json
logs-github.dependabot@custom.json
logs-github.issues@custom.json
logs-github.secret_scanning@custom.json
logs-google_workspace.access_transparency@custom.json
logs-google_workspace.admin@custom.json
logs-google_workspace.alert@custom.json
logs-google_workspace.context_aware_access@custom.json
logs-google_workspace.device@custom.json
logs-google_workspace.drive@custom.json
logs-google_workspace.gcp@custom.json
logs-google_workspace.group_enterprise@custom.json
logs-google_workspace.groups@custom.json
logs-google_workspace.login@custom.json
logs-google_workspace.rules@custom.json
logs-google_workspace.saml@custom.json
logs-google_workspace.token@custom.json
logs-google_workspace.user_accounts@custom.json
logs-http_endpoint.generic@custom.json
logs-httpjson.generic@custom.json
logs-iis.access@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-iis.error@custom.json
logs-imperva_cloud_waf.event@custom.json
logs-juniper_srx.log@custom.json
logs-juniper.junos@custom.json
logs-juniper.netscreen@custom.json
logs-juniper.srx@custom.json
logs-kafka_log.generic@custom.json
logs-lastpass.detailed_shared_folder@custom.json
logs-lastpass.event_report@custom.json
logs-lastpass.user@custom.json
logs-m365_defender.event@custom.json
logs-m365_defender.incident@custom.json
logs-m365_defender.log@custom.json
logs-microsoft_defender_endpoint.log@custom.json
logs-microsoft_dhcp.log@custom.json
logs-microsoft_sqlserver.audit@custom.json
logs-microsoft_sqlserver.log@custom.json
logs-mimecast.audit_events@custom.json
logs-mimecast.dlp_logs@custom.json
logs-mimecast.siem_logs@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-mimecast.threat_intel_malware_customer@custom.json
logs-mimecast.threat_intel_malware_grid@custom.json
logs-mimecast.ttp_ap_logs@custom.json
logs-mimecast.ttp_ip_logs@custom.json
logs-mimecast.ttp_url_logs@custom.json
logs-mysql.error@custom.json
logs-mysql.slowlog@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-netflow.log@custom.json
logs-nginx.access@custom.json
logs-nginx.error@custom.json
logs-o365.audit@custom.json
logs-okta.system@custom.json
logs-osquery_manager.action.responses.json
logs-osquery_manager.actions.json
logs-panw.panos@custom.json
logs-pfsense.log@custom.json
logs-proofpoint_tap.clicks_blocked@custom.json
logs-proofpoint_tap.clicks_permitted@custom.json
logs-proofpoint_tap.message_blocked@custom.json
logs-proofpoint_tap.message_delivered@custom.json
logs-pulse_connect_secure.log@custom.json
logs-sentinel_one.activity@custom.json
logs-sentinel_one.agent@custom.json
logs-sentinel_one.alert@custom.json
logs-sentinel_one.group@custom.json
logs-sentinel_one.threat@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-snort.log@custom.json
logs-snyk.audit@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-snyk.vulnerabilities@custom.json
logs-sonicwall_firewall.log@custom.json
logs-sophos_central.alert@custom.json
logs-sophos_central.event@custom.json
logs-sophos.utm@custom.json
logs-sophos.xg@custom.json
logs-symantec_endpoint.log@custom.json
logs-system.application@custom.json
logs-system.auth@custom.json
logs-system.security@custom.json
logs-system.syslog@custom.json
logs-system.system@custom.json
logs-tenable_io.asset@custom.json
logs-tenable_io.plugin@custom.json
logs-tenable_io.scan@custom.json
logs-tenable_io.vulnerability@custom.json
logs-tenable_sc.asset@custom.json
logs-tenable_sc.plugin@custom.json
logs-tenable_sc.vulnerability@custom.json
logs-ti_abusech.malware@custom.json
logs-ti_abusech.malwarebazaar@custom.json
logs-ti_abusech.threatfox@custom.json
logs-ti_abusech.url@custom.json
logs-ti_anomali.threatstream@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-ti_cybersixgill.threat@custom.json
logs-ti_misp.threat_attributes@custom.json
logs-ti_misp.threat@custom.json
logs-ti_opencti.indicator@custom.json
logs-ti_otx.pulses_subscribed@custom.json
logs-ti_otx.threat@custom.json
Add custom component for ints
2024-09-17 19:43:13 +00:00
logs-ti_rapid7_threat_command.alert@custom.json
logs-ti_rapid7_threat_command.ioc@custom.json
logs-ti_rapid7_threat_command.vulnerability@custom.json
logs-ti_recordedfuture.latest_ioc-template@custom.json
logs-ti_recordedfuture.threat@custom.json
logs-ti_threatq.threat@custom.json
logs-trend_micro_vision_one.alert@custom.json
logs-trend_micro_vision_one.audit@custom.json
logs-trend_micro_vision_one.detection@custom.json
logs-trendmicro.deep_security@custom.json
logs-vsphere.log@custom.json
logs-windows.forwarded@custom.json
logs-windows.powershell_operational@custom.json
logs-windows.powershell@custom.json
logs-windows.sysmon_operational@custom.json
logs-winlog.winlog@custom.json
logs-zscaler_zia.alerts@custom.json
logs-zscaler_zia.dns@custom.json
logs-zscaler_zia.firewall@custom.json
logs-zscaler_zia.tunnel@custom.json
logs-zscaler_zia.web@custom.json
logs-zscaler_zpa.app_connector_status@custom.json
logs-zscaler_zpa.audit@custom.json
logs-zscaler_zpa.browser_access@custom.json
logs-zscaler_zpa.user_activity@custom.json
logs-zscaler_zpa.user_status@custom.json
metrics-fleet_server.agent_status@package.json
metrics-fleet_server.agent_versions@package.json
so-data-streams-mappings.json
Ensure component template files are in the correct directory
2023-03-22 20:45:33 +00:00
so-fleet_agent_id_verification-1.json
so-fleet_globals-1.json
so-items-mappings.json
so-lists-mappings.json
so-logs-mappings.json
so-logs-settings.json