70 lines
2.0 KiB
Plaintext
70 lines
2.0 KiB
Plaintext
|
[malware-filter Update botnet_ip.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = botnet_ip.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getbotnetip
|
||
|
|
||
|
[malware-filter Update botnet-filter-splunk.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = botnet-filter-splunk.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getbotnetfilter
|
||
|
|
||
|
[malware-filter Update opendbl_ip.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = opendbl_ip.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getopendbl
|
||
|
|
||
|
[malware-filter Update phishing-filter-splunk.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = phishing-filter-splunk.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getphishingfilter
|
||
|
|
||
|
[malware-filter Update pup-filter-splunk.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = pup-filter-splunk.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getpupfilter
|
||
|
|
||
|
[malware-filter Update urlhaus-filter-splunk-online.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = urlhaus-filter-splunk-online.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | geturlhausfilter
|
||
|
|
||
|
[malware-filter Update vn-badsite-filter-splunk.csv]
|
||
|
action.lookup = 1
|
||
|
action.lookup.filename = vn-badsite-filter-splunk.csv
|
||
|
cron_schedule = 0 */12 * * *
|
||
|
description = Update lookup every 12 hours from 00:00
|
||
|
dispatch.earliest_time = -12h
|
||
|
enableSched = 1
|
||
|
schedule_window = 60
|
||
|
search = | getvnbadsitefilter
|