@dhurley14
Created July 14, 2020 05:19
nothing
server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] totalHits: 4737 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] searchResult.hit.hits.length: 100 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [01:11:26.990] [debug][plugins][plugins][securitySolution][securitySolution] valuesOfGivenType: [
"71.211.48.72",
"47.34.56.166",
"172.100.214.142",
"67.173.227.94",
"89.12.89.72",
"35.226.77.71",
"35.199.90.14",
"35.185.178.105",
"35.224.249.156",
"35.197.32.224"
]
server log [01:11:27.037] [debug][plugins][plugins][securitySolution][securitySolution] matchedListItems: [
{
"created_at": "2020-07-09T21:18:25.483Z",
"created_by": "dhurley14",
"id": "ip_item",
"list_id": "ip_list",
"tie_breaker_id": "d03cadce-8521-4aec-b2b0-3744cd1ca55f",
"type": "ip",
"updated_at": "2020-07-14T02:12:16.689Z",
"updated_by": "dhurley14",
"value": "172.100.214.142"
},
{
"created_at": "2020-07-09T21:44:25.804Z",
"created_by": "dhurley14",
"id": "ip_item_better",
"list_id": "ip_list",
"tie_breaker_id": "63808b0c-7e04-4b60-adab-d34abb62dcfd",
"type": "ip",
"updated_at": "2020-07-14T05:07:03.232Z",
"updated_by": "dhurley14",
"value": "71.211.48.72"
}
]
server log [01:11:27.039] [debug][plugins][plugins][securitySolution][securitySolution] Lists filtered out 61 events name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"
server log [01:11:27.039] [debug][plugins][plugins][securitySolution][securitySolution] valuesOfGivenType: [
"47.34.56.166",
"67.173.227.94",
"89.12.89.72",
"35.226.77.71",
"35.199.90.14",
"35.185.178.105",
"35.224.249.156",
"35.197.32.224"
]
server log [01:11:27.090] [debug][plugins][plugins][securitySolution][securitySolution] matchedListItems: [
{
"created_at": "2020-07-14T04:56:21.745Z",
"created_by": "dhurley14",
"id": "hand_inserted_item_id",
"list_id": "ip_list_again",
"tie_breaker_id": "3443547e-c46e-4cf0-b6e8-574d15885335",
"type": "ip",
"updated_at": "2020-07-14T05:11:20.108Z",
"updated_by": "dhurley14",
"value": "89.12.89.72"
}
]
server log [01:11:27.090] [debug][plugins][plugins][securitySolution][securitySolution] Lists filtered out 65 events name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default"