NotificationsYou must be signed in to change notification settings
Fork33
Star165

Commit95e0b6e

authored

Merge pull request#161 from UncoderIO/gis-8070

Gis 8070

2 parents5a15552 +1b5cfdf commit95e0b6eCopy full SHA for 95e0b6e

File tree

30 files changed

+58

-58

lines changed

uncoder-core/app/translator
- mappings/platforms/splunk
- platforms/splunk
  - mapping.py

30 files changed

+58

-58

lines changed

`‎uncoder-core/app/translator/mappings/platforms/splunk/aws_cloudtrail.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: aws_cloudtrail`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[aws:cloudtrail]`
	`6`	`+sourcetype:[aws:cloudtrail]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:aws:cloudtrail`
	`9`	`+sourcetype:aws:cloudtrail`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`eventSource:eventSource`

`‎uncoder-core/app/translator/mappings/platforms/splunk/aws_eks.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: aws_eks`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[aws:*]`
	`6`	`+sourcetype:[aws:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:aws:*`
	`9`	`+sourcetype:aws:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`annotations.authorization.k8s.io\/decision:annotations.authorization.k8s.io\/decision`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_AzureDiagnostics.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_AzureDiagnostics`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[azure:*]`
	`6`	`+sourcetype:[azure:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:azure:*`
	`9`	`+sourcetype:azure:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`ResultDescription:ResultDescription`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_BehaviorAnalytics.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_BehaviorAnalytics`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[azure:*]`
	`6`	`+sourcetype:[azure:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:azure:*`
	`9`	`+sourcetype:azure:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`ActionType:ActionType`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_aadnoninteractiveusersigninlogs.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_aadnoninteractiveusersigninlogs`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[azure:*]`
	`6`	`+sourcetype:[azure:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:azure:*`
	`9`	`+sourcetype:azure:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`UserAgent:UserAgent`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_azureactivity.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_azureactivity`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[mscs:azure:, azure:]`
	`6`	`+sourcetype:[mscs:azure:, azure:]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:mscs:azure:*`
	`9`	`+sourcetype:mscs:azure:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`ActivityStatus:ActivityStatus`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_azuread.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_azuread`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[azure:aad:*]`
	`6`	`+sourcetype:[azure:aad:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:azure:aad:*`
	`9`	`+sourcetype:azure:aad:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`ActivityDisplayName:ActivityDisplayName`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_signinlogs.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,10 +3,10 @@ source: azure_signinlogs`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[azure:aad:*]`
	`6`	`+sourcetype:[azure:aad:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`		`-source_type:azure:aad:*`
	`9`	`+sourcetype:azure:aad:*`
`10`	`10`
`11`	`11`	`field_mapping:`
`12`	`12`	`AppDisplayName:AppDisplayName`

`‎uncoder-core/app/translator/mappings/platforms/splunk/firewall.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,11 +3,11 @@ source: firewall`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[fortigate_traffic]`
	`6`	`+sourcetype:[fortigate_traffic]`
`7`	`7`	`index:[fortigate]`
`8`	`8`
`9`	`9`	`default_log_source:`
`10`		`-source_type:fortigate_traffic`
	`10`	`+sourcetype:fortigate_traffic`
`11`	`11`	`index:fortigate`
`12`	`12`
`13`	`13`	`field_mapping:`

`‎uncoder-core/app/translator/mappings/platforms/splunk/gcp_gcp.audit.yml‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -3,7 +3,7 @@ source: gcp_gcp.audit`
`3`	`3`
`4`	`4`
`5`	`5`	`log_source:`
`6`		`-source_type:[google:gcp:*]`
	`6`	`+sourcetype:[google:gcp:*]`
`7`	`7`
`8`	`8`	`default_log_source:`
`9`	`9`	`index:google:gcp:*`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit95e0b6e

File tree

30 files changed

30 files changed

`‎uncoder-core/app/translator/mappings/platforms/splunk/aws_cloudtrail.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/aws_eks.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_AzureDiagnostics.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_BehaviorAnalytics.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_aadnoninteractiveusersigninlogs.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_azureactivity.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_azuread.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/azure_signinlogs.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/firewall.yml‎`

`‎uncoder-core/app/translator/mappings/platforms/splunk/gcp_gcp.audit.yml‎`

0 commit comments