[fix] Cleanup and sort splunk_metadata.csv (#655)
Ryan Faircloth authored and GitHub committed Aug 21, 2020
1 parent fb4c24d commit 5e7be93
Showing 1 changed file with 63 additions and 64 deletions.
127 changes: 63 additions & 64 deletions package/etc/context_templates/splunk_metadata.csv.example
@@ -1,31 +1,9 @@
bluecoat_proxy,index,netproxy
brocade_syslog,index,netops
ArcSight_ArcSight,index,main
ArcSight_ArcSight,source,ArcSight:ArcSight
Carbon Black_Protection,source,carbonblack:protection:cef
bluecoat_proxy,index,netproxy
brocade_syslog,index,netops
Carbon Black_Protection,index,epintel
Cyber-Ark_Vault,index,netauth
Cyber-Ark_Vault,sourcetype,cyberark:epv:cef
CyberArk_PTA,index,main
CyberArk_PTA,sourcetype,cyberark:pta:cef
Incapsula_SIEMintegration,index,netwaf
Incapsula_SIEMintegration,source,Imperva:Incapsula
Incapsula_SIEMintegration,sourcetype,cef
Incapsula_SIEMintegration,sc4s_template,t_cef_kv
Imperva Inc._SecureSphere,index,netwaf
Imperva Inc._SecureSphere,sourcetype,imperva:waf
Imperva Inc._SecureSphere,sc4s_template,t_legacy_hdr_msg
Imperva Inc._SecureSphere_Firewall,sourcetype,imperva:waf:firewall:cef
Imperva Inc._SecureSphere_Signature,sourcetype,imperva:waf:security:cef
Imperva Inc._SecureSphere_Protocol,sourcetype,imperva:waf:security:cef
Imperva Inc._SecureSphere_Worm,sourcetype,imperva:waf:security:cef
Microsoft_Microsoft Windows,index,oswinsec
Microsoft_System or Application Event,index,oswin
Microsoft_System or Application Event,source,CEFEventLog:System or Application Event
Microsoft_Microsoft Windows,source,CEFEventLog:Microsoft Windows
MCAS_SIEM_Agent,index,main
MCAS_SIEM_Agent,source,microsoft:cas
checkpoint_splunk,index,netops
Carbon Black_Protection,source,carbonblack:protection:cef
checkpoint_splunk_dlp,index,netdlp
checkpoint_splunk_email,index,email
checkpoint_splunk_firewall,index,netfw
Expand All @@ -35,26 +13,35 @@ checkpoint_splunk_sessions,index,netops
checkpoint_splunk_web,index,netproxy
checkpoint_splunk,index,netops
checkpoint_splunk,index,netops
checkpoint_splunk,index,netops
cisco_acs,index,netauth
cisco_apic_acl,index,netfw
cisco_apic_events,index,netops
cisco_acs,index,netauth
cisco_asa,index,netfw
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,index,email
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,sc4s_template,t_legacy_hdr_msg
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,source,esa:consolidated
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,sourcetype,cisco:esa:cef
cisco_esa,index,email
cisco_ftd,index,netfw
cisco_ios,index,netops
cisco_ise,index,netauth
cisco_meraki,index,netfw
cisco_nx_os,index,netops
cisco_ucm,index,main
cisco_wsa,index,netproxy
dell_rsa_secureid,index,netauth
citrix_netscaler,index,netfw
local_example,index,main
forcepoint_webprotect,index,netproxy
f5_bigip,index,netops
Cyber-Ark_Vault,index,netauth
Cyber-Ark_Vault,sourcetype,cyberark:epv:cef
CyberArk_PTA,index,main
CyberArk_PTA,sourcetype,cyberark:pta:cef
dell_rsa_secureid,index,netauth
f5_bigip_access_json,index,netops
f5_bigip_irule,index,netops
f5_bigip_asm,index,netwaf
f5_bigip_irule,index,netops
f5_bigip_nix,index,netops
f5_bigip,index,netops
forcepoint_webprotect,index,netproxy
fortinet_fortios_event,index,netops
fortinet_fortios_log,index,netops
fortinet_fortios_traffic,index,netfw
Expand All @@ -63,79 +50,91 @@ fortinet_fortiweb_attack,index,netids
fortinet_fortiweb_event,index,netops
fortinet_fortiweb_log,index,netops
fortinet_fortiweb_traffic,index,netfw
infoblox_dns,index,netdns
Imperva Inc._SecureSphere_Firewall,sourcetype,imperva:waf:firewall:cef
Imperva Inc._SecureSphere_Protocol,sourcetype,imperva:waf:security:cef
Imperva Inc._SecureSphere_Signature,sourcetype,imperva:waf:security:cef
Imperva Inc._SecureSphere_Worm,sourcetype,imperva:waf:security:cef
Imperva Inc._SecureSphere,index,netwaf
Imperva Inc._SecureSphere,sc4s_template,t_legacy_hdr_msg
Imperva Inc._SecureSphere,sourcetype,imperva:waf
Incapsula_SIEMintegration,index,netwaf
Incapsula_SIEMintegration,sc4s_template,t_cef_kv
Incapsula_SIEMintegration,source,Imperva:Incapsula
Incapsula_SIEMintegration,sourcetype,cef
infoblox_dhcp,index,netipam
infoblox_dns,index,netdns
infoblox_threat,index,netids
juniper_idp,index,netids
juniper_structured,index,netops
juniper_idp_structured,index,netids
juniper_junos_fw_structured,index,netfw
juniper_junos_ids_structured,index,netids
juniper_junos_utm_structured,index,netfw
juniper_idp,index,netids
juniper_junos_aamw_structured,index,netfw
juniper_junos_secintel_structured,index,netfw
juniper_junos_fw_structured,index,netfw
juniper_junos_fw,index,netfw
juniper_junos_ids_structured,index,netids
juniper_junos_ids,index,netids
juniper_junos_secintel_structured,index,netfw
juniper_junos_utm_structured,index,netfw
juniper_junos_utm,index,netfw
juniper_netscreen,index,netfw
juniper_legacy,index,netops
juniper_netscreen,index,netfw
juniper_structured,index,netops
local_example,index,main
mcafee_epo,index,epav
MCAS_SIEM_Agent,index,main
MCAS_SIEM_Agent,source,microsoft:cas
Microsoft_Microsoft Windows,index,oswinsec
Microsoft_Microsoft Windows,source,CEFEventLog:Microsoft Windows
Microsoft_System or Application Event,index,oswin
Microsoft_System or Application Event,source,CEFEventLog:System or Application Event
nix_syslog,index,osnix
pan_traffic,index,netfw
pan_threat,index,netproxy
pan_system,index,netops
pan_config,index,netops
pan_hipmatch,index,main
pan_correlation,index,main
pan_userid,index,netauth
pan_hipmatch,index,main
pan_system,index,netops
pan_threat,index,netproxy
pan_traffic,index,netfw
pan_unknown,index,netops
pfsense,index,netops
pan_userid,index,netauth
pfsense_filterlog,index,netfw
pfsense,index,netops
proofpoint_pps_filter,index,email
proofpoint_pps_sendmail,index,email
sc4s_events,index,main
sc4s_fallback,index,main
sc4s_metrics,index,em_metrics
symantec_ep,index,epav
symantec_brightmail,index,email
symantec_ep,index,epav
syslogng_loggen,index,main
Trend Micro_Deep Security Agent,index,epintel
Trend Micro_Deep Security Agent,sc4s_template,t_legacy_hdr_msg
Trend Micro_Deep Security Agent_intrusion prevention,sourcetype,deepsecurity-intrusion_prevention
Trend Micro_Deep Security Agent_antimalware,index,epav
Trend Micro_Deep Security Agent_antimalware,sourcetype,deepsecurity-antimalware
Trend Micro_Deep Security Agent_app control,sourcetype,deepsecurity-app_control
Trend Micro_Deep Security Agent_firewall,sourcetype,deepsecurity-firewall
Trend Micro_Deep Security Agent_integrity monitoring,sourcetype,deepsecurity-integrity_monitoring
Trend Micro_Deep Security Agent_intrusion prevention,sourcetype,deepsecurity-intrusion_prevention
Trend Micro_Deep Security Agent_log inspection,sourcetype,deepsecurity-log_inspection
Trend Micro_Deep Security Agent_web reputation,sourcetype,deepsecurity-web_reputation
Trend Micro_Deep Security Agent_firewall,sourcetype,deepsecurity-firewall
Trend Micro_Deep Security Agent_antimalware,sourcetype,deepsecurity-antimalware
Trend Micro_Deep Security Agent_antimalware,index,epav
Trend Micro_Deep Security Manager,index,epintel
Trend Micro_Deep Security Agent_app control,sourcetype,deepsecurity-app_control
Trend Micro_Deep Security Agent,sc4s_template,t_legacy_hdr_msg
Trend Micro_Deep Security Manager,index,epintel
Trend Micro_Deep Security Manager,sc4s_template,t_legacy_hdr_msg
Trend Micro_Deep Security Manager,sourcetype,deepsecurity-system_events
ubiquiti_unifi,index,netops
ubiquiti_unifi_fw,index,netfw
ubiquiti_unifi_link,index,netops
ubiquiti_unifi_sudo,index,netops
ubiquiti_unifi_switch,index,netops
ubiquiti_unifi_threat,index,netids
ubiquiti_unifi_wireless,index,netops
ubiquiti_unifi,index,netops
unknown,index,main
unknown,source,SC4S:unknown
unknown,sourcetype,SC4S:unknown
vmware_esx,index,main
vmware_horizon,index,main
vmware_nsx,index,main
vmware_vcenter,index,main
zscaler_alerts,index,netops
zscaler_dns,index,netdns
zscaler_fw,index,netfw
zscaler_lss,index,netproxy
zscaler_web,index,netproxy
zscaler_zia_audit,index,netops
zscaler_zia_sandbox,index,main
zscaler_lss,index,netproxy
unknown,index,main
unknown,source,SC4S:unknown
unknown,sourcetype,SC4S:unknown
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,index,email
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,sc4s_template,t_legacy_hdr_msg
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,sourcetype,cisco:esa:cef
Cisco_C100V Email Security Virtual Appliance_ESA_CONSOLIDATED_LOG_EVENT,source,esa:consolidated
cisco_esa,index,email
zscaler_zia_sandbox,index,main
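Review bot: The row `Carbon Black_Protection,source,carbonblack:protection:cef` in the first hunk survives the sort unchanged, but its value has the shape that the file's other CEF rows put under `sourcetype` (for example `Cyber-Ark_Vault,sourcetype,cyberark:epv:cef`). If this is a typo rather than intent, these events would presumably keep a default sourcetype, and searches or detections keyed on `carbonblack:protection:cef` as a sourcetype would not match them. The corrected row would be `Carbon Black_Protection,sourcetype,carbonblack:protection:cef`. The rendered page has lost its +/- markers, so it is also worth confirming that `checkpoint_splunk,index,netops`, which is printed several times in a row in the second hunk, appears only once in the new file.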
