trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Actually add files

Browse Source
This commit is contained in:
Chris Long
2019-05-26 21:36:10 -07:00
parent cd722dab8b
commit e78c312bc5
10 changed files with 27 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Vagrant/resources/splunk_forwarder/inputs.conf
View File

@@ -3,27 +3,27 @@ index = sysmon
disabled = false
renderXml = true
[monitor://c:\programdata\osquery\log\osqueryd.results.log]
[monitor://c:\Program Files\osquery\log\osqueryd.results.log]
index = osquery
disabled = false
sourcetype = osquery:json
[monitor://c:\programdata\osquery\log\osqueryd.snapshots.log]
[monitor://c:\Program Files\osquery\log\osqueryd.snapshots.log]
index = osquery
disabled = false
sourcetype = osquery:json
[monitor://c:\programdata\osquery\log\osqueryd.INFO.*]
[monitor://c:\Program Files\osquery\log\osqueryd.INFO.*]
index = osquery-status
disabled = false
sourcetype = osquery-info:syslog
[monitor://c:\programdata\osquery\log\osqueryd.WARNING.*]
[monitor://c:\Program Files\osquery\log\osqueryd.WARNING.*]
index = osquery-status
disabled = false
sourcetype = osquery-warn:syslog
[monitor://c:\programdata\osquery\log\osqueryd.ERROR.*]
[monitor://c:\Program Files\osquery\log\osqueryd.ERROR.*]
index = osquery-status
disabled = false
sourcetype = osquery-error:syslog