admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '89ac45cb63'
${ noResults }
Deploiement_Server/deployment-apps/Splunk_Security_Essentials/default/workflow_actions.conf

134 lines
3.5 KiB
Raw Blame History

[sse_user_notable_risk_drilldown]
display_location = field_menu
fields = user
label = Analyze ES Risk for user $user$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$user$
type = link
eventtypes = notable
[sse_user_risk_risk_drilldown]
display_location = field_menu
fields = user
label = Analyze ES Risk for user $user$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$user$
type = link
eventtypes = modrisk_results
[sse_dest_notable_risk_drilldown]
display_location = field_menu
fields = dest
label = Analyze ES Risk for dest $dest$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$dest$
type = link
eventtypes = notable
[sse_dest_ip_notable_risk_drilldown]
display_location = field_menu
fields = dest_ip
label = Analyze ES Risk for dest_ip $dest_ip$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$dest_ip$
type = link
eventtypes = notable
[sse_dest_risk_risk_drilldown]
display_location = field_menu
fields = dest
label = Analyze ES Risk for dest $dest$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$dest$
type = link
eventtypes = modrisk_results
[sse_src_notable_risk_drilldown]
display_location = field_menu
fields = src
label = Analyze ES Risk for src $src$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$src$
type = link
eventtypes = notable
[sse_src_risk_risk_drilldown]
display_location = field_menu
fields = src
label = Analyze ES Risk for src $src$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$src$
type = link
eventtypes = modrisk_results
[sse_src_ip_notable_risk_drilldown]
display_location = field_menu
fields = src_ip
label = Analyze ES Risk for src_ip $src_ip$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$src_ip$
type = link
eventtypes = notable
[sse_risk_object_risk_risk_drilldown]
display_location = both
fields = risk_object
label = Analyze ES Risk for risk_object $risk_object$
link.method = get
link.target = blank
link.uri = ../Splunk_Security_Essentials/analyze_es_risk?form.criteria=$risk_object$
type = link
eventtypes = modrisk_results
[mitre_technique_drilldown_notable]
display_location = field_menu
fields = mitre_technique
label = View Technique on MITRE Website
link.method = get
link.target = blank
link.uri = https://attack.mitre.org/techniques/$mitre_technique$
type = link
eventtypes = notable
[mitre_technique_drilldown_modrisk]
display_location = field_menu
fields = mitre_technique
label = View Technique on MITRE Website
link.method = get
link.target = blank
link.uri = https://attack.mitre.org/techniques/$mitre_technique$
type = link
eventtypes = modrisk_results
[mitre_tactic_drilldown_notable]
display_location = field_menu
fields = mitre_tactic
label = View Tactic on MITRE Website
link.method = get
link.target = blank
link.uri = https://attack.mitre.org/tactics/$mitre_tactic$
type = link
eventtypes = notable
[mitre_tactic_drilldown_modrisk]
display_location = field_menu
fields = mitre_tactic
label = View Tactic on MITRE Website
link.method = get
link.target = blank
link.uri = https://attack.mitre.org/tactics/$mitre_tactic$
type = link
eventtypes = modrisk_results
Reference in new issue View Git Blame Copy Permalink