You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
860 lines
20 KiB
860 lines
20 KiB
|
|
# Application-level permissions
|
|
|
|
[]
|
|
access = read : [ * ], write : [ power ]
|
|
|
|
### EVENT TYPES
|
|
|
|
[eventtypes]
|
|
export = system
|
|
|
|
|
|
### PROPS
|
|
|
|
[props]
|
|
export = system
|
|
|
|
|
|
### TRANSFORMS
|
|
|
|
[transforms]
|
|
export = system
|
|
|
|
|
|
### LOOKUPS
|
|
|
|
[lookups]
|
|
export = system
|
|
|
|
|
|
### VIEWSTATES: even normal users should be able to create shared viewstates
|
|
|
|
[viewstates]
|
|
access = read : [ * ], write : [ * ]
|
|
export = system
|
|
|
|
|
|
### Merged from local.meta
|
|
|
|
[app/install/install_source_checksum]
|
|
version = 9.2.1
|
|
modtime = 1720713316.788815000
|
|
|
|
[macros/sandfly_search]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1663868543.893133000
|
|
|
|
[macros/sandfly_search_alarms]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1663868555.663400000
|
|
|
|
[macros/sandfly_search_all]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724740.158161000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20Hosts%20with%20Immutable%20authorized_keys%20File]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.103541000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20Number%20of%20Hosts%20with%20SSH%20Key]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.118178000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20User%20Names%20Associated%20with%20SSH%20Key]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.117641000
|
|
|
|
[savedsearches/Host%20with%20Immutable%20authorized_keys%20File]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411278.473326000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Last%20Accessed]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.158629000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Accessed%20Today]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666555833.747574000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Modified%20Today]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.157267000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Created%20Today]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666411166.119154000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Created%20Last%2024%20Hours]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666556352.053036000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Created%20Last%2048%20Hours]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666556352.053602000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Created%20Last%2072%20Hours]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666556352.054306000
|
|
|
|
[savedsearches/SSH%20Keys%20-%20authorized_keys%20File%20Created%20Last%207%20Days]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1666556352.031136000
|
|
|
|
[macros/sandfly_search_sshkeys]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1667793463.018565000
|
|
|
|
[views/sandfly_security__ssh_authorized_keys_file_report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722377597.474483000
|
|
|
|
[views/sandfly_security__ssh_authorized_keys_file_created]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722377020.526258000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Keys%20Last%20Seen%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1668380524.918861000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Keys%20First%20Seen%20This%20Week]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1668837847.074182000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Keys%20First%20Seen%20Today]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1668837814.726082000
|
|
|
|
[views/ssh_hunter__key_investigation]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722526547.156539000
|
|
|
|
[views/ssh_hunter__key_summary]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722526584.308831000
|
|
|
|
[views/ssh_hunter__key_details]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722022787.722940000
|
|
|
|
[views/ssh_hunter__user_investigation]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1668380547.435677000
|
|
|
|
[views/ssh_hunter__user_summary]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1669955805.814088000
|
|
|
|
[views/ssh_hunter__host_investigation]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724167087.901061000
|
|
|
|
[views/ssh_hunter__host_summary]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722451034.473814000
|
|
|
|
[macros/sandfly_search_sandflies]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724669.517221000
|
|
|
|
[savedsearches/Sandflies%20to%20Lookup%20File]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1692149513.664108000
|
|
|
|
[savedsearches/Sandfly%20Hosts%20to%20Asset%20Lookup]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1669078115.878208000
|
|
|
|
[savedsearches/Sandfly%20Hosts%20to%20Hosts%20Lookup]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 8.2.4
|
|
modtime = 1669078115.865452000
|
|
|
|
[macros/sandfly_search_ssh_hunter]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724800.727439000
|
|
|
|
[macros/sandfly_search_hosts]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724822.363216000
|
|
|
|
[macros/sandfly_search_hosts_details]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724835.200972000
|
|
|
|
[macros/sandfly_search_hosts_summary]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724856.168139000
|
|
|
|
[views/sandfly_security__hosts]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723748587.026413000
|
|
|
|
[views/sandfly_security_daily_snapshot]
|
|
version = 9.2.1
|
|
modtime = 1723760263.954430000
|
|
|
|
[views/sandfly_security__host_details]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724358696.090953000
|
|
|
|
[views/sandfly_security_sandfly_investigation]
|
|
version = 9.2.1
|
|
modtime = 1722376492.055276000
|
|
|
|
[savedsearches/Count%20of%20Sandflies]
|
|
version = 9.2.1
|
|
modtime = 1692149025.799528000
|
|
|
|
[savedsearches/Events%20by%20Host%20with%20Description]
|
|
version = 9.2.1
|
|
modtime = 1692149080.269226000
|
|
|
|
[savedsearches/Top%2010%20Sandflies%20over%20Time%20Range]
|
|
version = 9.2.1
|
|
modtime = 1692149130.629711000
|
|
|
|
[macros/sandfly_search_audit]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724515.837008000
|
|
|
|
[macros/sandfly_search_errors]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724545.315803000
|
|
|
|
[macros/sandfly_search_errors_detailed]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724620.073445000
|
|
|
|
[macros/sandfly_search_errors_summary]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720724660.723474000
|
|
|
|
[savedsearches/Sandfly%20TA%20Internal%20Errors]
|
|
version = 9.2.1
|
|
modtime = 1720725613.350340000
|
|
|
|
[savedsearches/Sandfly%20TA%20Internal%20Logs]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720725744.336042000
|
|
|
|
[savedsearches/Inactive%20Hosts%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723752786.976985000
|
|
|
|
[views/audit_logs_overview]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722441028.614437000
|
|
|
|
[views/audit_logs_authentication]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720736710.674339000
|
|
|
|
[savedsearches/Audit%20Log%20Authentication%20Events]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720736816.447209000
|
|
|
|
[views/audit_logs_user_accounts]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720800779.343723000
|
|
|
|
[views/audit_logs_license_errors]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720815873.896914000
|
|
|
|
[views/audit_logs_system_changes]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1720808660.726981000
|
|
|
|
[views/error_logs_overview]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722528326.063782000
|
|
|
|
[savedsearches/Scanning%20Error%20Log%20Alert]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721054313.619636000
|
|
|
|
[savedsearches/Username%20root%20UID%20But%20Not%20Root]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721074537.237468000
|
|
|
|
[savedsearches/Logins%20by%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721077085.325903000
|
|
|
|
[savedsearches/Usernames%20with%20SSH%20Authorized%20Keys%20Present]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721081594.147755000
|
|
|
|
[savedsearches/Usernames%20with%20Password%20Hash%20Present]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721082097.951888000
|
|
|
|
[savedsearches/Usernames%20with%20Blank%20Password%20Fields]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721082418.335550000
|
|
|
|
[savedsearches/Usernames%20Valid%20Logins%20From%20Hostname]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721142115.862382000
|
|
|
|
[savedsearches/Usernames%20Valid%20Logins%20by%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721142263.438629000
|
|
|
|
[savedsearches/Usernames%20Valid%20Logins%20Against%20Hostname]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721142530.589625000
|
|
|
|
[savedsearches/Usernames%20Present%20on%20Host]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721142941.358842000
|
|
|
|
[savedsearches/Usernames%20Bad%20Logins%20From%20Hostname]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721143384.103557000
|
|
|
|
[savedsearches/Usernames%20Bad%20Logins%20By%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721143582.953626000
|
|
|
|
[savedsearches/Usernames%20Bad%20Logins%20Against%20Hostname]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721143842.124444000
|
|
|
|
[savedsearches/Username%20Password%20Hash%20Types]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721144231.447325000
|
|
|
|
[savedsearches/Username%20Login%20Shells%20In%20Use]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721144546.563169000
|
|
|
|
[savedsearches/Username%20Logged%20In]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721144868.477988000
|
|
|
|
[savedsearches/User%20Successful%20Logins%20Over%20Time]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721145781.308448000
|
|
|
|
[savedsearches/User%20Failed%20Logins%20Over%20Time]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721146000.052938000
|
|
|
|
[savedsearches/Processes%20With%20Network%20Ports%20Operating]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721149934.812594000
|
|
|
|
[savedsearches/Processes%20With%20Network%20Ports%20Listening]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721150114.077526000
|
|
|
|
[savedsearches/Operating%20System%20Uptime%20in%20Days]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721151096.984856000
|
|
|
|
[savedsearches/Operating%20System%20Product%20Name]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721151388.742200000
|
|
|
|
[savedsearches/Operating%20System%20Machine%20Type]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721151533.367079000
|
|
|
|
[savedsearches/Operating%20System%20Linux%20Version]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721151763.234463000
|
|
|
|
[savedsearches/Operating%20System%20Linux%20Kernel%20Release%20Version]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721151867.053366000
|
|
|
|
[savedsearches/Operating%20System%20CPU%20Model%20Name]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721152608.509242000
|
|
|
|
[savedsearches/Operating%20System%20CPU%20Architecture]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721152753.521619000
|
|
|
|
[savedsearches/Operating%20System%20Bogo%20MIPS%20Rating]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721152845.355625000
|
|
|
|
[savedsearches/Operating%20System%20BIOS%20Version]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721152947.820249000
|
|
|
|
[savedsearches/Operating%20System%20BIOS%20Vendor]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721153051.788915000
|
|
|
|
[savedsearches/At%20Jobs%20by%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721153315.704571000
|
|
|
|
[savedsearches/Crontabs%20by%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721153492.809842000
|
|
|
|
[savedsearches/Intrusion%20Detection%20High%20Entropy%20Process]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721154503.410490000
|
|
|
|
[savedsearches/Intrusion%20Detection%20Immutable%20Process%20Binary%20Running]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721154424.289641000
|
|
|
|
[savedsearches/Intrusion%20Detection%20Process%20Running%20As%20Sniffer]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721155143.795218000
|
|
|
|
[savedsearches/Intrusion%20Detection%20Process%20Running%20From%20%2Fdev%2Fshm]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721155389.722476000
|
|
|
|
[savedsearches/Intrusion%20Detection%20Process%20Running%20from%20Public%20HTML%20Directory]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721155552.766450000
|
|
|
|
[savedsearches/Intrusion%20Detection%20Process%20Running%20From%20Temp%20Directory]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721155771.683697000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721945726.836922000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20Details]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721940986.778346000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20by%20Host%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721946360.769218000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20by%20User%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721946456.897810000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20by%20Zone%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1721947566.898704000
|
|
|
|
[savedsearches/SSH%20Hunter%20-%20Banned%20Keys%20Daily%20Report]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722011045.291943000
|
|
|
|
[views/ssh_hunter_-_security_zones]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722031458.567988000
|
|
|
|
[views/ssh_hunter_-_security_zone_details]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1722452068.254255000
|
|
|
|
[views/sandfly_security_sourcetype_review]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724163918.664172000
|
|
|
|
[views/sandfly_security_host_alerts]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727368161.614105000
|
|
|
|
[savedsearches/Active%20Hosts%20Report%20by%20Last%20Scan%20Date]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723754281.390676000
|
|
|
|
[savedsearches/Hosts%20Last%20Scan%20Greater%20Than%2024%20Hours%20Ago]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723759923.368009000
|
|
|
|
[savedsearches/Hosts%20Last%20Scan%20Older%20Than%20Last%20Seen]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723759896.576359000
|
|
|
|
[savedsearches/Sandfly%20Server%20-%20Logins%20by%20Username]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723821810.702111000
|
|
|
|
[views/sandfly_security_whitelist_rules]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724187331.114265000
|
|
|
|
[macros/sandfly_search_whitelist]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1723837205.931642000
|
|
|
|
[views/sandfly_security_whitelist_rule_details]
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724351847.316159000
|
|
|
|
[views/sandfly_security__hosts_by_tags]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.1
|
|
modtime = 1724356422.833660000
|
|
|
|
[lookups/mitre_tactics.csv]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727367845.229674000
|
|
|
|
[lookups/mitre_techniques.csv]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727367838.720058000
|
|
|
|
[views/mitre_attack_tactics_and_techniques]
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727377670.275815000
|
|
|
|
[views/mitre_attack_techniques_sandflies]
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727388495.516773000
|
|
|
|
[views/mitre_attack_techniques_detection]
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727388420.662988000
|
|
|
|
[views/mitre_attck_tactics_detection]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727376998.774484000
|
|
|
|
[views/mitre_attck_tactics_sandflies]
|
|
access = read : [ * ], write : [ power ]
|
|
export = none
|
|
owner = nobody
|
|
version = 9.2.3
|
|
modtime = 1727377025.394058000
|
|
|
|
[macros/sandfly_search_drift]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 10.0.1
|
|
modtime = 1762895535.776022000
|
|
|
|
[views/sandfly_security_-_drift_detection]
|
|
owner = nobody
|
|
version = 10.0.1
|
|
modtime = 1770752614.930217000
|
|
|
|
[macros/sandfly_search_results_whitelisted]
|
|
access = read : [ * ], write : [ power ]
|
|
export = system
|
|
owner = nobody
|
|
version = 10.0.1
|
|
modtime = 1770750334.883648000
|
|
|
|
[views/sandfly_security_-_whitelisted_results]
|
|
owner = nobody
|
|
version = 10.0.1
|
|
modtime = 1770752563.562543000
|