mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-04-28 07:28:00 +02:00
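# Sigma processing pipeline (pySigma format) that renames the generic Sigma
# field names used in detection rules to the field names used by the
# Security Onion event data.
name: Security Onion Baseline Pipeline
# pySigma applies pipelines in ascending priority order.
priority: 90
transformations:
  # Single transformation: a static rename table, Sigma field -> target field.
  - id: baseline_field_name_mapping
    type: field_name_mapping
    mapping:
      # HTTP (proxy / web server log fields)
      cs-method: http.method
      c-uri: http.uri
      c-useragent: http.useragent
      cs-version: http.version
      # Identity and rule identifiers
      uid: user.uid
      sid: rule.uuid
      # DNS
      # NOTE(review): unlike the other targets, `answers` carries no
      # namespace prefix - confirm it matches the indexed field name.
      answer: answers
      query: dns.query.name
      # Network endpoints
      # src_ip must resolve to the source address. Pointing it at
      # destination.ip.keyword (as dst_ip does) makes any rule that filters
      # on the source IP evaluate the destination instead, which yields
      # missed detections and false positives.
      src_ip: source.ip.keyword
      src_port: source.port
      dst_ip: destination.ip.keyword
      dst_port: destination.port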