valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 09:55:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed regex from visualizations

Browse Source
This commit is contained in:
Jesús Ángel 2018-07-24 13:14:32 +02:00 committed by Javier Castro
parent 76d26555ff
commit b1e9d2725e
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
server/integration-files/visualizations/overview/overview-aws.js
View File

@ -37,7 +37,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"rule.description":{"value":".*AuthorizeSecurity.*"}}}"
"value": {"regexp":{"rule.description":".*AuthorizeSecurity.*"}}
},
"$state": {
"store": "appState"
@ -77,7 +77,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"rule.description":{"value":".*RevokeSecurity.*"}}}"
"value": {"regexp":{"rule.description":".*RevokeSecurity.*"}}
},
"$state": {
"store": "appState"
@ -117,7 +117,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"data.aws.eventName":{"value":".*Instances.*"}}}"
"value": {"regexp":{"data.aws.eventName":".*Instances.*"}}
},
"$state": {
"store": "appState"
@ -157,7 +157,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"rule.description":{"value":".*Login?Success.*"}}}"
"value": {"regexp":{"rule.description":".*Login?Success.*"}}
},
"$state": {
"store": "appState"
@ -211,7 +211,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"rule.description":{"value":".*Security.*"}}}"
"value": {"regexp":{"rule.description":".*Security.*"}}
},
"$state": {
"store": "appState"
@ -251,7 +251,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"rule.description":{"value":".*Login?Success.*"}}}"
"value": {"regexp":{"rule.description":".*Login?Success.*"}}
},
"$state": {
"store": "appState"

6
server/integration-files/visualizations/overview/overview-fim.js
View File

@ -245,7 +245,7 @@ export default [
"_id": "Wazuh-App-Overview-FIM-Root-user-file-changes",
"_source": {
"title": "Root user file changes",
"visState": "{\"title\":\"Root user file changes\",\"type\":\"pie\",\"params\":{\"isDonut\":false,\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"type\":\"pie\",\"legendPosition\":\"right\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"syscheck.path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"visState": "{\"title\":\"Root user file changes\",\"type\":\"pie\",\"params\":{\"isDonut\":false,\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"type\":\"pie\",\"legendPosition\":\"right\",\"labels\":{\"show\":false,\"values\":true,\"last_level\":true,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"syscheck.path\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
@ -287,7 +287,7 @@ export default [
{
"query": {
"regexp": {
"syscheck.perm_after": "[0-7]{5}([2367]).*"
"syscheck.perm_after": "[0-7]{5}([2367])"
}
},
"meta": {
@ -297,7 +297,7 @@ export default [
"alias": null,
"type": "custom",
"key": "query",
"value": "{"regexp":{"syscheck.perm_after":"[0-7]{5}([2367]).*"}}"
"value": {"regexp":{"syscheck.perm_after": "[0-7]{5}([2367])" }}
},
"$state": {
"store": "appState"