Permalink
Browse files

Correction of "sid: sid:" typo as per "Brian Hennigar"

  • Loading branch information...
beave committed Oct 3, 2018
1 parent 54a91af commit 46d7484e1c66b8ec7362768cad09b65d79c41fa7
Showing with 2 additions and 2 deletions.
  1. +2 −2 rsa-dpm.rules
@@ -2,8 +2,8 @@
# kcomollo 12-01-2017 edited to change protocol type to any
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Physical Memory status Yellow"; content: "RKMA_MONITORING_EVENT"; content: "|5b|Type|3a|Physical"; content: "YELLOW"; distance: 45; within: 25; threshold: type threshold, track by_src, count 5, secounds 900; reference: url,wiki.quadrantsec.com/bin/view/Main/5003938; sid:5003938; rev:2;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Physical Memory status RED [Critical]"; content: "RKMA_MONITORING_EVENT"; content: "|5b|Type|3a|Physical"; content: "RED"; distance: 45; within: 25; threshold: type threshold, track by_src, count 2, seconds 300; reference: url,wiki.quadrantsec.com/bin/view/Main/5003939; sid: sid:5003939; rev:2;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Swap-Memory Memory status Yellow"; content: "RKMA_MONITORING_EVENT"; content: "Type|3a|Swap-Memory"; content: "YELLOW"; distance: 45; within: 25; threshold: type threshold, track by_src, count 5, secounds 900; reference: url,wiki.quadrantsec.com/bin/view/Main/5003940; sid: sid:5003940; rev:2;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Physical Memory status RED [Critical]"; content: "RKMA_MONITORING_EVENT"; content: "|5b|Type|3a|Physical"; content: "RED"; distance: 45; within: 25; threshold: type threshold, track by_src, count 2, seconds 300; reference: url,wiki.quadrantsec.com/bin/view/Main/5003939; sid:5003939; rev:3;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Swap-Memory Memory status Yellow"; content: "RKMA_MONITORING_EVENT"; content: "Type|3a|Swap-Memory"; content: "YELLOW"; distance: 45; within: 25; threshold: type threshold, track by_src, count 5, secounds 900; reference: url,wiki.quadrantsec.com/bin/view/Main/5003940; sid:5003940; rev:3;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Swap-Memory Memory status Red [Critical]"; content: "RKMA_MONITORING_EVENT"; content: "Type|3a|Swap-Memory"; content: "RED"; distance: 45; within: 25; threshold: type threshold, track by_src, count 2, seconds 300; reference: url,wiki.quadrantsec.com/bin/view/Main/5003941; sid:5003941; rev:2;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Disk status Yellow"; content: "RKMA_MONITORING_EVENT"; content: "DiskInfo|3d|"; content" "YELLOW"; distance: 25; within: 10; threshold: type threshold, track by_src, count 5, secounds 900; reference: url,wiki.quadrantsec.com/bin/view/Main/5003942; sid:5003942; rev:2;)
alert any $HOME_NET any -> $EXTERNAL_NET any (msg: "[RSA-DPM] Disk status Red - [Critical]"; content: "RKMA_MONITORING_EVENT"; content: "DiskInfo|3d|"; content" "RED"; distance: 25; within: 10; threshold: type threshold, track by_src, count 2, seconds 300; reference: url,wiki.quadrantsec.com/bin/view/Main/5003943; sid:5003943; rev:2;)

0 comments on commit 46d7484

Please sign in to comment.