Wazuh-Custom-rules/web-attack.xml


<!-- Web intrusion rules -->
<!-- Zabbix POST filtering -->
<!--
  NOTE(review): the group list below has a space after each comma; stock
  Wazuh rule files write group lists without spaces. Verify how your version
  stores these names before filtering or searching on them.
-->
<group name="zabbix, DDOS, Filtrage">
<!--
  Rule 101000: child of rule 31530 that matches when the decoded source
  address is 10.172.253.99. Level 0 means a matching event raises no alert.
  NOTE(review): presumably 31530 is the stock "POST request received" web
  rule and 10.172.253.99 is the Zabbix server or proxy; confirm both against
  the installed ruleset and the asset inventory.
  NOTE(review): the match is on source address only, so every POST from that
  host is silenced, not just Zabbix traffic. Consider adding a <url>
  condition, and confirm that srcip is decoded from the TCP peer address
  rather than from a client-supplied header such as X-Forwarded-For.
  NOTE(review): no_full_log probably has no visible effect on a level 0
  rule; verify and drop it if so.
-->
<rule id="101000" level="0">
<if_sid>31530</if_sid>
<srcip>10.172.253.99</srcip>
<description>Filtrage DDOS Zabbix</description>
<options>no_full_log</options>
</rule>
</group>
<group name="zabbix, DDOS, Filtrage">
<!--
  Rule 101001: child of rule 31530 that matches when the decoded URL matches
  the pattern /zabbix. Level 0 means a matching event raises no alert.
  There is no source address condition on this rule.
  NOTE(review): as written, the suppression applies to any client, trusted
  or not, whose request URL matches /zabbix. Because a matching child rule
  takes over from 31530, POST volume toward the Zabbix frontend (login form
  included) likely no longer feeds frequency rules built on 31530. Confirm
  with wazuh-logtest.
  NOTE(review): presumably the default <url> match is unanchored, so the
  pattern can match anywhere in the URL; verify, and consider anchoring it
  (for example ^/zabbix/) and pairing it with a <srcip> list of known
  monitoring hosts so that untrusted sources stay visible.
-->
<rule id="101001" level="0">
<if_sid>31530</if_sid>
<url>/zabbix</url>
<description>Filtrage DDOS Zabbix</description>
<options>no_full_log</options>
</rule>
</group>
<group name="zabbix, DDOS, Filtrage">
<!--
  Rule 101002: child of rule 31533 that matches when the decoded source
  address is 10.172.253.99. Level 0 means a matching event raises no alert.
  NOTE(review): presumably 31533 is the stock frequency rule for a high
  volume of POST requests from one source; confirm against the installed
  ruleset.
  NOTE(review): rule 101000 in this file already takes over individual POST
  events from the same address, so this rule may never be reached. Check
  with wazuh-logtest whether it still fires, and keep it only if it does or
  if it is wanted as a safety net.
  NOTE(review): the exemption trusts a single hard-coded address. Record the
  owner of 10.172.253.99 and review this rule whenever that host is
  re-addressed or decommissioned, so the exemption does not pass to another
  machine.
-->
<rule id="101002" level="0">
<if_sid>31533</if_sid>
<srcip>10.172.253.99</srcip>
<description>Filtrage DDOS Zabbix</description>
<options>no_full_log</options>
</rule>
</group>