2 Commits

Author	SHA1	Message	Date
Craig Chamberlain	a7dee682cc	Add Tags to Unusual Sudo Activity Rule (#340) ... * Update ml_linux_anomalous_sudo_activity.toml added T1548 * Update ml_linux_anomalous_sudo_activity.toml * Update ml_linux_anomalous_sudo_activity.toml	2020-09-28 16:07:41 -04:00
Craig Chamberlain	4473f6d8f3	[New Rule] Unusual Sudo Activity (#263) ... * Create ml_linux_anomalous_sudo_activity.toml rule to accompany the unusual sudo activity job * Update ml_linux_anomalous_sudo_activity.toml added fp field * Update ml_linux_anomalous_sudo_activity.toml * Update ml_linux_anomalous_sudo_activity.toml linting * Update ml_linux_anomalous_sudo_activity.toml * Update ml_linux_anomalous_sudo_activity.toml * Update rules/ml/ml_linux_anomalous_sudo_activity.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com> * Update ml_linux_anomalous_sudo_activity.toml * Update ml_linux_anomalous_sudo_activity.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>	2020-09-24 14:55:33 -04:00