splunk-malware-filter/default/transforms.conf

42 lines
859 B
Plaintext
Raw Normal View History

2023-02-04 06:38:50 +00:00
[urlhaus-filter-splunk-online]
batch_index_query = 0
case_sensitive_match = 1
filename = urlhaus-filter-splunk-online.csv
max_matches = 1
[phishing-filter-splunk]
batch_index_query = 0
case_sensitive_match = 1
filename = phishing-filter-splunk.csv
max_matches = 1
[pup-filter-splunk]
batch_index_query = 0
case_sensitive_match = 1
filename = pup-filter-splunk.csv
max_matches = 1
[vn-badsite-filter-splunk]
batch_index_query = 0
case_sensitive_match = 1
filename = vn-badsite-filter-splunk.csv
max_matches = 1
[botnet-filter-splunk]
batch_index_query = 0
case_sensitive_match = 1
filename = botnet-filter-splunk.csv
[botnet_ip]
batch_index_query = 0
case_sensitive_match = 1
filename = botnet_ip.csv
[opendbl_ip]
batch_index_query = 0
case_sensitive_match = 1
filename = opendbl_ip.csv
min_matches = 1
default_match = none
match_type = CIDR(cidr_range)