Merge pull request #12723 from Security-Onion-Solutions/dougburks-patch-1

FEATURE: Add Events table columns for event.module playbook #12703
dougburks authored Apr 2, 2024
2 parents 261f2cb + 6c2437f commit 55e71c8
Showing 1 changed file with 16 additions and 3 deletions.
19 changes: 16 additions & 3 deletions salt/soc/defaults.yaml
Expand Up @@ -1200,6 +1200,17 @@ soc:
- soc_timestamp
- event.dataset
- message
':playbook:':
- soc_timestamp
- rule.name
- event.severity_label
- event_data.event.dataset
- event_data.source.ip
- event_data.source.port
- event_data.destination.host
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
server:
bindAddress: 0.0.0.0:9822
baseUrl: /
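Review bot: In the new `':playbook:'` list the source endpoint is shown as `event_data.source.ip` while the destination endpoint is shown as `event_data.destination.host`, so the two columns will not hold the same kind of value. If that is intentional, a one-line YAML comment above the key saying why would save the next editor a lookup; if not, a destination IP column would match the source side. The same comment could also explain why `rule.name` and `event.severity_label` are un-prefixed while every other entry carries the `event_data.` prefix, given that the neighbouring list in the context lines uses plain `event.dataset`.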
Expand Down Expand Up @@ -1876,11 +1887,13 @@ soc:
- soc_timestamp
- rule.name
- event.severity_label
- event_data.event.module
- event_data.event.category
- event_data.event.dataset
- event_data.source.ip
- event_data.source.port
- event_data.destination.host
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
- event_data.winlog.computer_name
queryBaseFilter: tags:alert
queryToggleFilters:
- name: acknowledged
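Review bot: The column list directly above `queryBaseFilter: tags:alert` is a second list that the commit title, which only mentions Events table columns for playbook, does not cover. Say in the commit or PR description why this list changes as well. It also repeats most of the `':playbook:'` entries from the first hunk (`event_data.source.ip` through `event_data.process.pid`), so a short comment naming which of the two lists drives which view would help keep them from drifting apart on the next field change.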