github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update network filters. (#158353)

Browse source 
## Summary

Updates the prebuilt rule alerts filterlist to allow through some
additional network fields.
This commit is contained in:
Pete Hampton 2023-05-26 17:35:58 +01:00 committed by GitHub
parent 7655cb9e9e
commit 7c5b99f65b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

22
x-pack/plugins/security_solution/server/lib/telemetry/filterlists/prebuilt_rules_alerts.ts
View file

@ -92,9 +92,7 @@ export const prebuiltRuleAllowlistFields: AllowlistFields = {
hash: true,
},
},
destination: {
port: true,
},
destination: true,
dll: {
Ext: {
relative_file_creation_time: true,
@ -135,13 +133,7 @@ export const prebuiltRuleAllowlistFields: AllowlistFields = {
},
},
message: true,
network: {
bytes: true,
direction: true,
protocol: true,
transport: true,
type: true,
},
network: true,
orchestrator: {
namespace: true,
resource: {
@ -212,20 +204,14 @@ export const prebuiltRuleAllowlistFields: AllowlistFields = {
rule: {
name: true,
},
source: {
port: true,
},
source: true,
tls: {
server: {
hash: true,
},
},
type: true,
url: {
extension: true,
full: true,
path: true,
},
url: true,
user_agent: {
original: true,
},