sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Justin Ibarra	59da2da474	[Rule Tuning] Ensure host information is in endpoint rule queries (#2593 ) * add unit tests to ensure host type and platform are included * add host.os.name 'linux' to all linux rules * add host.os.name macos to mac rules * add host.os.name to windows rules; fix linux dates * update from host.os.name to host.os.type Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com> Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>	2023-03-05 11:41:19 -07:00
Samirbous	cb88ad715c	[New Rule] Exchange Mailbox via PowerShell (#2459 ) * Create collection_mailbox_export_winlog.toml * Update collection_mailbox_export_winlog.toml * Update collection_mailbox_export_winlog.toml * Update rules/windows/collection_mailbox_export_winlog.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> * Update rules/windows/collection_mailbox_export_winlog.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> * Update rules/windows/collection_mailbox_export_winlog.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> * Update rules/windows/collection_mailbox_export_winlog.toml Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> * Update rules/windows/collection_mailbox_export_winlog.toml Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com> Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>	2023-01-11 16:45:20 +00:00

Author

SHA1

Message

Date

Justin Ibarra

59da2da474

[Rule Tuning] Ensure host information is in endpoint rule queries (#2593 )

* add unit tests to ensure host type and platform are included
* add host.os.name 'linux' to all linux rules
* add host.os.name macos to mac rules
* add host.os.name to windows rules; fix linux dates
* update from host.os.name to host.os.type

Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

2023-03-05 11:41:19 -07:00

Samirbous

cb88ad715c

[New Rule] Exchange Mailbox via PowerShell (#2459 )

* Create collection_mailbox_export_winlog.toml

* Update collection_mailbox_export_winlog.toml

* Update collection_mailbox_export_winlog.toml

* Update rules/windows/collection_mailbox_export_winlog.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/windows/collection_mailbox_export_winlog.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/windows/collection_mailbox_export_winlog.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

* Update rules/windows/collection_mailbox_export_winlog.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

* Update rules/windows/collection_mailbox_export_winlog.toml

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>

Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

2023-01-11 16:45:20 +00:00

2 Commits