API tools faq
paste
Advertisement
JohnGalt14

Sigma Converter Targets : October 2021

JohnGalt14
Oct 22nd, 2021
267
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.07 KB | None | 0 0
raw download clone embed print report
  1. Configurations (Sources):
  2. ala : Azure Sentinel
  3. ala-azure-activitylogs : Azure Activity Logs mapping for Azure Log Analytics
  4. ala-azure-ad_auditlogs : Azure AD Audit Logs mapping for Azure Log Analytics
  5. ala-azure-aws_cloudtrail : AWS CloudTrail Logs mapping for Azure Log Analytics
  6. ala-suricata : Suricata logs mapping for Azure Log Analytics
  7. arcsight : ArcSight
  8. arcsight-zeek : ArcSight Corelight Zeek and Corelight Opensource Zeek Configuration
  9. carbon-black : CarbonBlack field mapping
  10. carbon-black-eedr : CarbonBlack Enterprise EDR
  11. chronicle : Google Chronicle field mapping
  12. crowdstrike : Splunk used in Falcon Portal
  13. devo-network : Devo sourcetype mappings for network sources
  14. devo-web : Devo sourcetype mappings for web sources
  15. devo-windows : Devo sourcetype mappings for windows sources
  16. ecs-auditbeat-modules-enabled : Elastic Auditbeat (from 7.x) index pattern and field mapping
  17. ecs-auditd : Elastic Auditbeat (from 7.x) index pattern and field mapping following Elastic enabled Modules
  18. ecs-azure-activitylogs : Azure Activity Logs Elasticsearch ecs mapping
  19. ecs-azure-ad_auditlogs : Azure AD Audit Logs Elasticsearch ecs mapping
  20. ecs-azure-ad_signinlogs : Azure AD Signin Audit Logs Elasticsearch ecs mapping
  21. ecs-cloudtrail : Elastic Common Schema And Elastic Exported Fields Mapping For AWS CloudTrail Logs
  22. ecs-dns : Elastic Common Schema mapping for proxy and webserver logs including NSM DNS logs (zeek/suricata)
  23. ecs-filebeat : Elastic filebeat (from 7.x) index pattern and field mapping following Elastic Common Schema
  24. ecs-ms365_defender : Microsoft 365 Defender Elasticsearch ecs mapping
  25. ecs-okta : Elastic Exported Fields Mapping For Okta logs
  26. ecs-proxy : Elastic Common Schema mapping for proxy and webserver logs including NSM logs (zeek/suricata)
  27. ecs-suricata : Elastic Common Schema And Elastic Exported Fields Mapping For Suricata Logs
  28. ecs-zeek-corelight : Corelight Zeek and Corelight Opensource Zeek Elastic Common Schema (ECS) implementation
  29. ecs-zeek-elastic-beats-implementation : Elastic Common Schema (ECS) implementation for Zeek using filebeat modules enabled based on version 7.6.1
  30. elk-defaultindex : ELK default indices logstash-* and filebeat-*
  31. elk-defaultindex-filebeat : ELK default indices filebeat-*
  32. elk-defaultindex-logstash : ELK default indices logstash-*
  33. elk-linux : ELK Linux Indices and Mappings
  34. elk-windows : ELK Windows Indices and Mappings
  35. elk-winlogbeat : ELK Ingested with Winlogbeat
  36. elk-winlogbeat-sp : ELK Ingested with Winlogbeat
  37. filebeat-defaultindex : Elastic Filebeat default index name
  38. fireeye-helix : FireEye Helix
  39. helk : HELK index patterns and OSSEM field mappings
  40. humio : Humio log source conditions
  41. limacharlie : LimaCharlie
  42. logpoint-windows : Logpoint
  43. logrhythm_winevent : LogRhythm Windows EventID Field Mapping
  44. logstash-defaultindex : Generic Logstash index prefix
  45. logstash-linux : Logstash Linux project (https://github.com/thomaspatzke/logstash-linux)
  46. logstash-windows : Logstash Windows common log sources
  47. logstash-zeek-default-json : Zeek field mappings for default collection of JSON logs with no parsing/normalization done and sending into logstash-*index
  48. m365 : Microsoft 365 Rules
  49. netwitness : NetWitness
  50. netwitness-epl : NetWitness
  51. powershell : Logsource to LogName mappings for PowerShell backend
  52. qradar : QRadar
  53. qualys : Qualys
  54. splunk-windows : Splunk Windows log source conditions
  55. splunk-windows-index : Splunk Windows index and EventID field mapping
  56. splunk-zeek : Splunk Zeek sourcetype mappings
  57. stix-custom : Additional STIX mapping for future use
  58. stix-shifter : Custom mappings for stix-shifter project
  59. stix2.0 : Official STIX 2.0
  60. sumologic : SumoLogic
  61. sumologic-cse : SumoLogic
  62. sysmon : Conversion of Generic Rules into Sysmon Specific Rules
  63. thor : THOR
  64. windows-audit : Conversion for Windows Native Auditing Events
  65. winlogbeat : Elastic Winlogbeat (from 7.x) index pattern and field mapping
  66. winlogbeat-modules-enabled : Elastic Winlogbeat (from 7.x) index pattern and field mapping following Elastic enabled Modules
  67. winlogbeat-old : Elastic Winlogbeat (<=6.x) index pattern and field mapping
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!