Skip to content

Commit

Permalink
added firewall events
Browse files Browse the repository at this point in the history
  • Loading branch information
@adworjan
adworjan committed Oct 19, 2023
1 parent 7389db2 commit 6439741
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 13 deletions.
2 changes: 1 addition & 1 deletion .ansible-sign/sha256sum.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ fba914c608f1a6ccdad971355139b98f0670fc8e7d51d13dca7a6e65bdc82429 roles/snort_bu
eec62140ff6f456fb2fd45adaa8f69866c23ca8ec124ab1abfea08bcca7dccc6 roles/winlogbeat/defaults/main.yml
a06c3bed9503b47cfa11d61ff3609dde83b4599b522160f5e14f13088df5ebaf roles/winlogbeat/handlers/main.yml
9780c8e92510aba03fff312c5cc461d8f1b866b269311e16628da76a95bfbafb roles/winlogbeat/tasks/main.yml
862d892300d6fa0c92d6272448c9ebfbb11087845d2d05b9f43d27041a4d05ba roles/winlogbeat/templates/winlogbeat.yml.j2
9a49b6c03b7fae17462ab2deaf4fd045341c9993dc76846c0bb21026970b556e roles/winlogbeat/templates/winlogbeat.yml.j2
f15fd50d2ee1d7cd5043153a707948b5897de8b1a544b226b33d493f4fe98f95 snortbuildconfig.yml
117d2f3e9d48d0d59d5dcfca9c9829295c1039c7204784c68978778db75e288a templates/cpu-rules.yml.j2
ff3bc0d052a72eb88bf093b9a2b9f31946032ab78dc7c4c742017f161f38763f templates/disk-rules.yml.j2
Expand Down
22 changes: 11 additions & 11 deletions .ansible-sign/sha256sum.txt.sig
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,14 @@
-----BEGIN PGP SIGNATURE-----

iQGzBAABCAAdFiEE/bJvyFHKKJdaZDOLTiIiIXrUDNEFAmUwDiQACgkQTiIiIXrU
DNEElgv6A1wzpOa+etHhEg/5GpLeYHTABA212RmsCiToCqlyAGcDNRJ8ZLeyc1QO
vfe+lPzxYR87U/VQbtMdWfDb2qZ/CZnPNRNbo1Id1QVsNqzgejRAIr8ojMqMz1+i
VcmZlCw4K1Y05eQCxgS5DyjckfZDUz5x0Th4HVzzC8/DhmwM875V6jOzgqKESy5p
5nFJVv97Vdw23uTfkTbX1yg9QyOlHLizeGS9v8qLiIblMvfm0sM0rL+JNBp3hMvQ
H5Hz6ZGBua752vC8L4Uw2gIwJnaqPJ7DEVnMEmGa08sB4dS3CFGqjEVEEusuKcpu
NR4pJ6YE27kMT6c5SIpn0KgI1X/bUK7d7rsPZgfOEFGCel3RTar5SRxMrwJdQ2cW
KQNwpboizS5jvqqW0bdUk5aWP7JUwSgmlCpeGxTJaWyOgvFQut3ZZddWO5vWAV//
GR0q9MSVp0HtwxJOXFIHMnirun/n4yFx58rGAl5MtEg1gR9v56gaIKT9u7ek6pdt
uhEETRZm
=ztj9
iQGzBAABCAAdFiEE/bJvyFHKKJdaZDOLTiIiIXrUDNEFAmUxZgcACgkQTiIiIXrU
DNGmHwv/f9D/HHoMiK9q6TMd/NzEgLkMBAXud1aRAUBCkKjwPY5MQx9fUlE+kUur
nkEE139PUqFu8IntaFLCrjP40H2SymzoMwN5kYmUpE6QhJly5sQE9+X5Xh7D/c4q
sxHuyxBfY9TrSFZbTQuXjgfD7RWhfqf/zHRwNTsHa8T+WL1vg0fkW51VAeZMOsuS
gJGNAH3i+H8Ba1XItKIQWZxoqTuyU9GiPAig81xFDHOAbaVc9dy2kc6W+qYl3aY9
/ynDNaKSs3PySbrA+rNiIGXh44zQI8E3NmEVJUvR8SoKsqdwEYOFstuxy+22Eods
BOzkfia01XvHzQgHhW4LT792ij7fDfYN7Ovr9tvrbuPGMZKmcdObz1/T/cgnYdbS
Yj8wek7flD2xmAj8bRg1YSC7t6REFSRLs47Imc37mq/BqhrK5hf3+btVN8mcGHbD
HlLln8eQlFBg3DUn1HoDWWuHE01i3WFc3WWICHRfx1yKeR24WmK6YZKm5aFYIhHP
0MCx1e0P
=6t9A
-----END PGP SIGNATURE-----
2 changes: 1 addition & 1 deletion roles/winlogbeat/templates/winlogbeat.yml.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ winlogbeat.event_logs:
event_id: 200, 400, 403, 500, 501, 600, 800

- name: Microsoft-Windows-PowerShell/Operational
event_id: 4100, 4103, 4104, 4105, 4106
event_id: 4100, 4103, 4104, 4105, 4106, 4950, 5025

- name: ForwardedEvents
tags: [forwarded]
Expand Down

0 comments on commit 6439741

Please sign in to comment.