diff --git a/datasets/cisco_secure_access/firewall/firewall.yml b/datasets/cisco_secure_access/firewall/firewall.yml index 6b3d0517..b701f0e3 100644 --- a/datasets/cisco_secure_access/firewall/firewall.yml +++ b/datasets/cisco_secure_access/firewall/firewall.yml @@ -9,21 +9,25 @@ mitre_technique: [] datasets: - name: firewall path: /datasets/cisco_secure_access/firewall/rdp_brute_force.log - sourcetype: cisco:secure_access:firewall - source: cisco_secure_access:firewall + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall - name: large_icmp path: /datasets/cisco_secure_access/firewall/large_icmp.log - sourcetype: cisco:secure_access:firewall - source: cisco_secure_access:firewall + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall - name: ldap path: /datasets/cisco_secure_access/firewall/ldap.log - sourcetype: cisco:secure_access:firewall - source: cisco_secure_access:firewall + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall - name: outbound_smb path: /datasets/cisco_secure_access/firewall/outbound_smb.log - sourcetype: cisco:secure_access:firewall - source: cisco_secure_access:firewall + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall - name: nmap path: /datasets/cisco_secure_access/firewall/nmap.log - sourcetype: cisco:secure_access:firewall - source: cisco_secure_access:firewall \ No newline at end of file + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall +- name: smb + path: /datasets/cisco_secure_access/firewall/smb.log + source: cisco_cloud_security_addon + sourcetype: cisco:cloud_security:firewall diff --git a/datasets/cisco_secure_access/firewall/smb.log b/datasets/cisco_secure_access/firewall/smb.log new file mode 100644 index 00000000..fed144ab --- /dev/null +++ b/datasets/cisco_secure_access/firewall/smb.log @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:63fdafa661f342f1869f7ea2d3ac1c95fd85533928f90af66a72b6d9b3be14f7 +size 879