valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1347e5060f
SigmaHQ/tools/config/qualys.yml
Thomas Patzke 991108e64d Further proxy field name fixes (config + rules)
2019-12-07 00:23:30 +01:00

21 lines
397 B
YAML
Raw Blame History

title: Qualys
order: 20
backends:
- qualys
fieldmappings:
dst:
- network.remote.address.ip
dst_ip:
- network.remote.address.ip
src:
- network.local.address.ip
src_ip:
- network.local.address.ip
file_hash:
- file.hash.md5
- file.hash.sha256
NewProcessName: process.name
ServiceName: process.name
ServiceFileName: process.name
TargetObject: registry.path
Reference in New Issue View Git Blame Copy Permalink