From 85bc5f1a58a9b3918c334fd4420bb7daa98e5f5b Mon Sep 17 00:00:00 2001
From: admingit
Date: Mon, 23 Oct 2023 14:05:07 +0200
Subject: [PATCH] add event

---
 .../Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf b/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
index 344c663d..978e5de3 100644
--- a/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
+++ b/deployment-apps/Splunk_TA_microsoft_ad_FW_Other/default/eventtypes.conf
@@ -51,3 +51,6 @@ search = eventtype=admon objectCategory="*CN=Computer*"
 [admon-user]
 search = eventtype=admon objectCategory="*CN=Person*"
+[wineventlog_windows]
+search = eventtype=wineventlog_application OR eventtype=wineventlog_system OR eventtype=wineventlog_security OR eventtype=wineventlog-ds OR eventtype=wineventlog-dfs OR eventtype=wineventlog-keymanagement OR eventtype=wineventlog-filereplication OR eventtype=wineventlog-dns
+#tags = os windows
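Review bot: The new `[wineventlog_windows]` stanza ends with a commented-out `#tags = os windows`, so the eventtype is created untagged, and any search, data model or detection that selects Windows events by `tag=os tag=windows` will not pick it up. Uncommenting the line is not the fix, because the `tags` key in eventtypes.conf is deprecated in favour of tags.conf; add a tags.conf stanza with `[eventtype=wineventlog_windows]`, `os = enabled` and `windows = enabled`, and delete the comment. None of the eight eventtypes referenced on the `search` line is defined in the visible hunk, and the names mix `wineventlog_` and `wineventlog-` prefixes. An eventtype that does not resolve in this app's context matches nothing and raises no error, so confirm each one is defined or exported to this app (`wineventlog_security` in particular) before relying on the aggregate for monitoring.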