l.bourdin
/
Wazuh-Custom-rules
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Wazuh-Custom-rules/Connexion-Linux-PBS.xml

24 lines
832 B
XML
Raw Blame History

<!-- Alertes en cas de connexion SSH PBS -->
<!-- PBS LR -->
<group name="authentication_success,pci_dss_10.2.5,gpg13_7.8,gpg13_7.9,gdpr_IV_32.2,hipaa_164.312.b,nist_800_53_AU.14,nist_800_53_AC.7,tsc_CC6.8,tsc_CC7.2,tsc_CC7.3,">
<rule id="102500" level="15">
<if_sid>5501</if_sid>
<hostname>pbs</hostname>
<description>Connexion SSH sur PBS-LR</description>
<mitre>
<id>T1078</id>
</mitre>
</rule>
</group>
<!-- PBS LACT-->
<group name="authentication_success,pci_dss_10.2.5,gpg13_7.8,gpg13_7.9,gdpr_IV_32.2,hipaa_164.312.b,nist_800_53_AU.14,nist_800_53_AC.7,tsc_CC6.8,tsc_CC7.2,tsc_CC7.3,">
<rule id="102501" level="15">
<if_sid>5501</if_sid>
<hostname>pbs03</hostname>
<description>Connexion SSH sur PBS-LR</description>
<mitre>
<id>T1078</id>
</mitre>
</rule>
</group>
Reference in New Issue View Git Blame Copy Permalink