security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update lnx_system_info_discovery.yml

Browse Source
This commit is contained in:
Ömer Günal
2020-11-08 11:09:27 +03:00
committed by GitHub
parent 5dc3472af0
commit 577165b7f7
1 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/linux/lnx_system_info_discovery.yml
+8 -8
View File
@@ -19,14 +19,14 @@ logsource:
categories: process_creation
detection:
selection:
ProcessName|contains:
- 'uname'
- 'hostname'
- 'uptime'
- 'lspci'
- 'dmidecode'
- 'lscpu'
- 'lsmod'
ProcessName|endswith:
- '/uname'
- '/hostname'
- '/uptime'
- '/lspci'
- '/dmidecode'
- '/lscpu'
- '/lsmod'
condition: selection
---
logsource: