.. |
generic
|
add sysmon mapping
|
2021-08-05 10:54:58 +02:00 |
mitre
|
+ Adding Mitre Sub-Techniques and python update script to fetch latest Pre, Enterprise & Mobile Tactics and Techniques from Mitre CTI
|
2020-08-13 10:24:44 +01:00 |
ala-azure-activitylogs.yml
|
Create ala-azure-activitylogs.yml
|
2021-07-08 20:40:03 +05:00 |
ala-azure-ad_auditlogs.yml
|
Create ala-azure-ad_auditlogs.yml
|
2021-07-08 20:40:39 +05:00 |
ala-azure-aws_cloudtrail.yml
|
Create ala-azure-aws_cloudtrail.yml
|
2021-07-15 21:51:41 +05:00 |
ala-suricata.yml
|
Create ala-suricata.yml
|
2021-07-16 23:08:03 +05:00 |
ala.yml
|
Squashed commit of the following:
|
2020-06-05 13:18:03 -04:00 |
arcsight-zeek.yml
|
Add yamllint to GHA
|
2021-07-26 21:26:16 -04:00 |
arcsight.yml
|
Added AppLocker log source
|
2020-07-13 20:41:54 +00:00 |
carbon-black-eedr.yml
|
Several updates to CarbonBlack EEDR config
|
2021-07-29 14:09:37 +01:00 |
carbon-black.yml
|
fix: duplicate field values in YAML configs
|
2021-03-20 08:49:43 +01:00 |
chronicle.yml
|
Chronicle Security Backend contributed by SOC Prime.
|
2021-03-12 12:21:44 +02:00 |
crowdstrike.yml
|
docs: better title in crowdstrike config
|
2021-06-10 17:07:01 +02:00 |
devo-network.yml
|
master: Added new Devo backend for the sigmac tool. Added three new backend configurations to support the Devo backend. Added a new test suite to cover the Devo backend cases.
|
2021-06-21 14:06:04 +02:00 |
devo-web.yml
|
master: Added new Devo backend for the sigmac tool. Added three new backend configurations to support the Devo backend. Added a new test suite to cover the Devo backend cases.
|
2021-06-21 14:06:04 +02:00 |
devo-windows.yml
|
master: Added new Devo backend for the sigmac tool. Added three new backend configurations to support the Devo backend. Added a new test suite to cover the Devo backend cases.
|
2021-06-21 14:06:04 +02:00 |
ecs-auditd.yml
|
Add yamllint to GHA
|
2021-07-26 21:26:16 -04:00 |
ecs-azure-activitylogs.yml
|
Create ecs-azure-activitylogs.yml
|
2021-07-08 20:37:12 +05:00 |
ecs-azure-ad_auditlogs.yml
|
Create ecs-azure-ad_auditlogs.yml
|
2021-07-08 20:39:05 +05:00 |
ecs-cloudtrail.yml
|
added role name field to ecs-cloudtrail.
|
2020-11-13 05:59:55 +05:00 |
ecs-dns.yml
|
fix: duplicate field values in YAML configs
|
2021-03-20 08:49:43 +01:00 |
ecs-filebeat.yml
|
Add yamllint to GHA
|
2021-07-26 21:26:16 -04:00 |
ecs-proxy.yml
|
fix: duplicate field values in YAML configs
|
2021-03-20 08:49:43 +01:00 |
ecs-suricata.yml
|
Update ecs-suricata.yml
|
2021-07-17 04:55:46 +05:00 |
ecs-zeek-corelight.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
ecs-zeek-elastic-beats-implementation.yml
|
Update ecs-zeek-elastic-beats-implementation.yml
|
2021-05-16 22:53:25 +02:00 |
elk-defaultindex-filebeat.yml
|
docs: descriptions for source configs
|
2020-06-25 13:59:51 +02:00 |
elk-defaultindex-logstash.yml
|
docs: descriptions for source configs
|
2020-06-25 13:59:51 +02:00 |
elk-defaultindex.yml
|
docs: descriptions for source configs
|
2020-06-25 13:59:51 +02:00 |
elk-linux.yml
|
docs: descriptions for source configs
|
2020-06-25 13:59:51 +02:00 |
elk-windows.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
elk-winlogbeat-sp.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
elk-winlogbeat.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
filebeat-defaultindex.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
fireeye-helix.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
helk.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
humio.yml
|
Squashed commit of the following:
|
2020-06-05 13:18:03 -04:00 |
limacharlie.yml
|
change to github
|
2020-02-28 16:56:48 +07:00 |
logpoint-windows.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
logrhythm_winevent.yml
|
Add yamllint to GHA
|
2021-07-26 21:26:16 -04:00 |
logstash-defaultindex.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
logstash-linux.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
logstash-windows.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
logstash-zeek-default-json.yml
|
kibana-ndjson for all configs which already have kibana
|
2020-11-09 08:46:17 +01:00 |
netwitness-epl.yml
|
initial commit for Netwitness-EPL backend
|
2020-09-10 17:12:12 +02:00 |
netwitness.yml
|
change to github
|
2020-02-28 16:56:48 +07:00 |
powershell-windows-all.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
powershell.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
qradar.yml
|
Squashed commit of the following:
|
2020-06-05 13:18:03 -04:00 |
qualys.yml
|
change to github
|
2020-02-28 16:56:48 +07:00 |
splunk-windows-index.yml
|
add splunkdm to Makefile
|
2021-07-10 22:23:15 +02:00 |
splunk-windows.yml
|
Add Splunk Datamodel backend
|
2021-07-09 23:18:17 +02:00 |
splunk-zeek.yml
|
Squashed commit of the following:
|
2020-06-05 13:18:03 -04:00 |
stix2.0.yml
|
Moved references to binary file from custom config to stix-2.0 config
|
2021-03-02 12:04:22 +02:00 |
stix-custom.yml
|
Moved references to binary file from custom config to stix-2.0 config
|
2021-03-02 12:04:22 +02:00 |
stix-shifter.yml
|
Fixed error mapping for stix-shifter configuration
|
2021-02-08 17:55:03 +02:00 |
sumologic-cse.yml
|
Added:
|
2020-10-06 15:07:52 +03:00 |
sumologic.yml
|
config: add PrintService Operational
|
2021-07-01 09:55:15 +02:00 |
thor.yml
|
fix: indentation
|
2021-07-22 10:18:03 +02:00 |
winlogbeat-modules-enabled.yml
|
fix space error
|
2021-08-10 17:35:32 +02:00 |
winlogbeat-old.yml
|
Set powershell_alternate_powershell_hosts.yml more accurate by adding the correct channel for EventID
|
2021-06-01 10:47:17 +02:00 |
winlogbeat.yml
|
Add yamllint to GHA
|
2021-07-26 21:26:16 -04:00 |