@planglois925
Created December 29, 2018 14:25
{
  "logs": {
    "logs_collected": {
      "windows_events": {
        "collect_list": [
          {
            "event_format": "xml",
            "event_levels": [
              "INFORMATION",
              "WARNING",
              "ERROR",
              "CRITICAL"
            ],
            "event_name": "System",
            "log_group_name": "System"
          },
          {
            "event_format": "xml",
            "event_levels": [
              "VERBOSE",
              "INFORMATION",
              "WARNING",
              "ERROR",
              "CRITICAL"
            ],
            "event_name": "Security",
            "log_group_name": "Security"
          },
          {
            "event_format": "xml",
            "event_levels": [
              "VERBOSE",
              "INFORMATION",
              "WARNING",
              "ERROR",
              "CRITICAL"
            ],
            "event_name": "Microsoft-Windows-Sysmon/Operational",
            "log_group_name": "Sysmon"
          }
        ]
      }
    }
  }
}