From 95af66731c6b22c38648b0e9808babc59f1aa11d Mon Sep 17 00:00:00 2001 From: Nikita Skobov Date: Fri, 17 Nov 2023 12:05:16 -0600 Subject: [PATCH] fix selector syntax --- lookup_tables/greynoise/basic/riot_basic.yml | 40 ++++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/lookup_tables/greynoise/basic/riot_basic.yml b/lookup_tables/greynoise/basic/riot_basic.yml index 866663524..3836746ee 100644 --- a/lookup_tables/greynoise/basic/riot_basic.yml +++ b/lookup_tables/greynoise/basic/riot_basic.yml @@ -221,44 +221,44 @@ LogTypeMap: - "src_ip" - LogType: Zeek.Conn Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.DNS Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.DPD Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.HTTP Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.Notice Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.NTP Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.Ssh Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.Ssl Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.Tunnel Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zeek.Weird Selectors: - - '$id.orig_h' - - '$id.resp_h' + - '$.id.orig_h' + - '$.id.resp_h' - LogType: Zendesk.Audit Selectors: - "ip_address"