mirror of
https://github.com/valitydev/SigmaHQ.git
synced 2024-11-07 01:45:21 +00:00
fix: duplicate field values in YAML configs
This commit is contained in:
parent
dd4a1ac393
commit
1fc408bfaa
@ -26,7 +26,6 @@ fieldmappings:
|
||||
#Signature: digsig_result
|
||||
SourceIp: ipaddr
|
||||
DestinationAddress: ipaddr
|
||||
DestinationPort: ipport
|
||||
DestPort: ipport
|
||||
TargetObject: regmod
|
||||
TargetFilename: filemod
|
||||
@ -38,15 +37,11 @@ fieldmappings:
|
||||
Product: product_name
|
||||
Signature: digsig_publisher
|
||||
CallTrace: modload
|
||||
DestinationHostname: domain
|
||||
User: username
|
||||
StartModule: modload
|
||||
Company: company_name
|
||||
Description: file_desc
|
||||
FileVersion: file_version
|
||||
|
||||
|
||||
|
||||
# DestinationHostname: hostname
|
||||
# DestinationIp: ipaddr
|
||||
# DestinationPort: ipport
|
||||
|
@ -56,7 +56,6 @@ fieldmappings:
|
||||
qclass: dns.qclass
|
||||
qtype_name: dns.question.type
|
||||
qtype: dns.qtype
|
||||
query: dns.question.name
|
||||
#question_length: labels.dns.query_length
|
||||
RA: dns.RA
|
||||
rcode_name: dns.response_code
|
||||
|
@ -37,7 +37,6 @@ fieldmappings:
|
||||
c-uri-stem: url.original
|
||||
c-uri: url.original
|
||||
c-useragent: user_agent.original
|
||||
cs-bytes: http.request.body.bytes
|
||||
cs-cookie: http.cookie
|
||||
cs-host:
|
||||
- url.domain
|
||||
|
Loading…
Reference in New Issue
Block a user