trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Chris Long
2017-12-11 08:49:25 -08:00
commit 1577341ce9
157 changed files with 5271 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Vagrant/resources/splunk_server/transforms.conf Normal file
View File

@@ -0,0 +1,10 @@
[powershell_rename_host]
DEST_KEY = MetaData:Host
SOURCE_KEY = MetaData:Source
REGEX = PowerShell_transcript\.([^\S]+)\.
FORMAT = host::$1
[wef_computername_as_host]
DEST_KEY = MetaData:Host
REGEX = (?m)ComputerName=(.+)
FORMAT = host::$1