Skip to content

Commit

Permalink
fixed cisco asa test modeling rules (#27024)
Browse files Browse the repository at this point in the history
  • Loading branch information
yucohen authored May 29, 2023
1 parent 67a42bc commit bfdd2d1
Showing 1 changed file with 1 addition and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,10 @@
"dataset": "cisco_asa_raw",
"event_data": {"_raw_log": "<158>Jan 1 09:40:09 6.6.6.6 %ASA-6-113005: AAA user authentication Rejected : reason = Password has expired : server = 1.1.1.1 : user = test.test@siemteam.com : user IP = 8.8.8.8"},
"expected_values": {
"xdm.event.id": "113005",
"xdm.event.description": "AAA user authentication Rejected : reason = Password has expired : server = 1.1.1.1 : user = test.test@siemteam.com : user IP = 8.8.8.8",
"xdm.alert.severity": "6",
"xdm.network.application_protocol": null,
"xdm.source.ipv4": "1.1.1.1",
"xdm.source.ipv4": "8.8.8.8",
"xdm.source.port": null,
"xdm.source.interface": null,
"xdm.source.sent_bytes": null,
Expand Down

0 comments on commit bfdd2d1

Please sign in to comment.