Devin W. Hurley dhurley14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server log [22:34:34.179] [debug][plugins][plugins][securitySolution][securitySolution] Lists filtered out 33 events name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default" | |
| server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] individual bulk process time took: 474.62 milliseconds | |
| server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] took property says bulk took: 45 milliseconds | |
| server log [22:34:34.661] [debug][plugins][plugins][securitySolution][securitySolution] created 67 signals name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default" | |
| server log [22:34:34.662] [debug][plugins][plugins][securitySolution][securitySolution] filteredEvents.hits.hits: 67 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] totalHits: 4737 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default" | |
| server log [01:11:26.989] [debug][plugins][plugins][securitySolution][securitySolution] searchResult.hit.hits.length: 100 name: "Rule w exceptions" id: "239c70da-8640-4964-b7ba-a45cf1528563" rule id: "query-with-exceptions" signals index: ".siem-signals-devin-hurley-default" | |
| server log [01:11:26.990] [debug][plugins][plugins][securitySolution][securitySolution] valuesOfGivenType: [ | |
| "71.211.48.72", | |
| "47.34.56.166", | |
| "172.100.214.142", | |
| "67.173.227.94", | |
| "89.12.89.72", | |
| "35.226.77.71", | |
| "35.199.90.14", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:128) [elasticsearch-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpack.security.authz.store.CompositeRolesStore.getRoles(CompositeRolesStore.java:275) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpack.security.authz.RBACEngine.getRoles(RBACEngine.java:132) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpack.security.authz.RBACEngine.resolveAuthorizationInfo(RBACEngine.java:120) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpack.security.authz.AuthorizationService.authorize(AuthorizationService.java:229) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.authorizeRequest(SecurityActionFilter.java:173) [x-pack-security-8.0.0-SNAPSHOT.jar:8.0.0-SNAPSHOT] | |
| │ at org.elasticsearch.xpa |
dhurley14
/ gist:a0e24e092cbc5c25dfaa
Created
March 22, 2016 22:32
client openvpn config file contents
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################## | |
| # Sample client-side OpenVPN 2.0 config file # | |
| # for connecting to multi-client server. # | |
| # # | |
| # This configuration can be used by multiple # | |
| # clients, however each client should have # | |
| # its own cert and key files. # | |
| # # | |
| # On Windows, you might want to rename this # | |
| # file so it has a .ovpn extension # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"id":"9c21dfcc-6694-479d-b330-9bc984c1b880","updated_at":"2024-04-23T00:38:44.723Z","updated_by":"elastic_serverless","created_at":"2024-04-22T19:47:16.573Z","created_by":"elastic_serverless","name":"test","tags":[],"interval":"1m","enabled":false,"revision":9,"description":"test","risk_score":21,"severity":"low","license":"","output_index":"","meta":{"from":"500m","kibana_siem_app_url":"http://localhost:5601/app/security"},"author":[],"false_positives":[],"from":"now-30060s","rule_id":"a8419dbe-0fea-4602-ab98-cdbf74ff9ea6","max_signals":100,"risk_score_mapping":[],"severity_mapping":[],"threat":[],"to":"now","references":[],"version":1,"exceptions_list":[],"immutable":false,"related_integrations":[],"required_fields":[],"setup":"","type":"threat_match","language":"kuery","index":["high*"],"query":"*:*","filters":[],"threat_filters":[],"threat_query":"*:*","threat_mapping":[{"entries":[{"field":"host.name","type":"mapping","value":"host.name"},{"field":"container.id","type":"mapping","value":"container.id"}, |
OlderNewer