Update sysmon and security modules (#13047)
- Add event.module for both modules.
- Add event.output to Security log authentication events.
- Add event.category=process and event.type=process_start/process_end to Sysmon process events (event ID 1 and 5).
- Normalize GUIDs to lowercase in golden file tests - Improves the diff output when a test fails.
1 parent 6629242, commit cca42cf
Showing 7 changed files with 279 additions and 124 deletions.