
Commit

Merge pull request #12751 from Security-Onion-Solutions/dougburks-patch-1

FEATURE: Add Events table columns for event.module sigma #12743
dougburks authored Apr 4, 2024
2 parents c75c411 + 5ec3b83 commit 7b4e207
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions salt/soc/defaults.yaml
Expand Up @@ -1222,6 +1222,17 @@ soc:
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
':sigma:':
- soc_timestamp
- rule.name
- event.severity_label
- event_data.event.dataset
- event_data.source.ip
- event_data.source.port
- event_data.destination.host
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
server:
bindAddress: 0.0.0.0:9822
baseUrl: /
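Review bot: the new ':sigma:' list pairs event_data.source.ip with event_data.destination.host, so the source column shows an address while the destination column shows a host name. If Sigma alert documents carry event_data.destination.ip, list that field instead of (or next to) event_data.destination.host so both ends of a connection are comparable in the Events table. If the asymmetry is intentional, a short YAML comment above the ':sigma:' key saying so would save the next reader the question.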
Expand Down Expand Up @@ -1915,6 +1926,17 @@ soc:
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
':sigma:':
- soc_timestamp
- rule.name
- event.severity_label
- event_data.event.dataset
- event_data.source.ip
- event_data.source.port
- event_data.destination.host
- event_data.destination.port
- event_data.process.executable
- event_data.process.pid
':strelka:':
- soc_timestamp
- file.name
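Review bot: this ':sigma:' block repeats, entry for entry, the ten fields added in the hunk at line 1222, and nothing in the visible lines ties the two copies together, so a later edit to one can leave the other with a different column set. Add a comment on each copy naming the other location, or share the list through a YAML anchor and alias if the way defaults.yaml is rendered allows it.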
