security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
64caa8aedc7500d5c94de356a0d2da233a6c1070
blue-team-tools/tools/config/elk-sysmon.yml
T
Thomas Patzke d2a9a91175 Log source conditions are integrated in generated expressions 
Indices not yet included
2017-03-14 23:22:32 +01:00

8 lines
150 B
YAML
Raw Blame History

logsources:
sysmon:
product: windows
service: sysmon
index: logstash-windows-*
conditions:
EventLog: Microsoft-Windows-Sysmon
Reference in New Issue View Git Blame Copy Permalink