From 1da0dbe474b9b382edd1f78ace0d74060a6f5484 Mon Sep 17 00:00:00 2001 From: Alex Dworjan Date: Thu, 19 Oct 2023 14:16:29 -0400 Subject: [PATCH] restore exiting winlogbeat --- .ansible-sign/sha256sum.txt | 2 +- .ansible-sign/sha256sum.txt.sig | 22 ++++++++++---------- roles/winlogbeat/templates/winlogbeat.yml.j2 | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.ansible-sign/sha256sum.txt b/.ansible-sign/sha256sum.txt index 721e23b..5b45514 100644 --- a/.ansible-sign/sha256sum.txt +++ b/.ansible-sign/sha256sum.txt @@ -53,7 +53,7 @@ fba914c608f1a6ccdad971355139b98f0670fc8e7d51d13dca7a6e65bdc82429 roles/snort_bu eec62140ff6f456fb2fd45adaa8f69866c23ca8ec124ab1abfea08bcca7dccc6 roles/winlogbeat/defaults/main.yml a06c3bed9503b47cfa11d61ff3609dde83b4599b522160f5e14f13088df5ebaf roles/winlogbeat/handlers/main.yml 9780c8e92510aba03fff312c5cc461d8f1b866b269311e16628da76a95bfbafb roles/winlogbeat/tasks/main.yml -9a49b6c03b7fae17462ab2deaf4fd045341c9993dc76846c0bb21026970b556e roles/winlogbeat/templates/winlogbeat.yml.j2 +862d892300d6fa0c92d6272448c9ebfbb11087845d2d05b9f43d27041a4d05ba roles/winlogbeat/templates/winlogbeat.yml.j2 f15fd50d2ee1d7cd5043153a707948b5897de8b1a544b226b33d493f4fe98f95 snortbuildconfig.yml 117d2f3e9d48d0d59d5dcfca9c9829295c1039c7204784c68978778db75e288a templates/cpu-rules.yml.j2 ff3bc0d052a72eb88bf093b9a2b9f31946032ab78dc7c4c742017f161f38763f templates/disk-rules.yml.j2 diff --git a/.ansible-sign/sha256sum.txt.sig b/.ansible-sign/sha256sum.txt.sig index e3c867e..fe62c60 100644 --- a/.ansible-sign/sha256sum.txt.sig +++ b/.ansible-sign/sha256sum.txt.sig @@ -1,14 +1,14 @@ -----BEGIN PGP SIGNATURE----- -iQGzBAABCAAdFiEE/bJvyFHKKJdaZDOLTiIiIXrUDNEFAmUxZgcACgkQTiIiIXrU -DNGmHwv/f9D/HHoMiK9q6TMd/NzEgLkMBAXud1aRAUBCkKjwPY5MQx9fUlE+kUur -nkEE139PUqFu8IntaFLCrjP40H2SymzoMwN5kYmUpE6QhJly5sQE9+X5Xh7D/c4q -sxHuyxBfY9TrSFZbTQuXjgfD7RWhfqf/zHRwNTsHa8T+WL1vg0fkW51VAeZMOsuS -gJGNAH3i+H8Ba1XItKIQWZxoqTuyU9GiPAig81xFDHOAbaVc9dy2kc6W+qYl3aY9 -/ynDNaKSs3PySbrA+rNiIGXh44zQI8E3NmEVJUvR8SoKsqdwEYOFstuxy+22Eods -BOzkfia01XvHzQgHhW4LT792ij7fDfYN7Ovr9tvrbuPGMZKmcdObz1/T/cgnYdbS -Yj8wek7flD2xmAj8bRg1YSC7t6REFSRLs47Imc37mq/BqhrK5hf3+btVN8mcGHbD -HlLln8eQlFBg3DUn1HoDWWuHE01i3WFc3WWICHRfx1yKeR24WmK6YZKm5aFYIhHP -0MCx1e0P -=6t9A +iQGzBAABCAAdFiEE/bJvyFHKKJdaZDOLTiIiIXrUDNEFAmUxcnEACgkQTiIiIXrU +DNFy5QwAn/Yc1QfA/3ttI/71RG3fe+YYAUjcRHDNRsk3OOJ0beuZcOvin76ntexp +zWNIcKhz64fGTZqSFblmknSquBi9/5XyqPetfjJH0iNupx7Ix07WTKYPhjGGY/U5 +J2jacekjSiOVY7girnDo8hNC8bqilMLRI4wVw87KnC0bTAXkjHS7rjlBr86qSp2u +NO04sTI970rk5AjYWM49dBTyj8S+0vUPm2HbCD065PqQb2fuamA35b1gP1PJ/ZyV +lwRfGyWxzFfh+6oyGV2ZRk9EIHyUvTamP4Yh8JpF7Hxla+0e7yP9QFORyUEgZqBc +0xODFCIuRnWBQjNzwS6inCnKyOqA00I+QyZNnUbvSdyTFnG0YgPudP/kf3HHYFP+ +cuDMqB4RarsO9GYWHF9fg5Hx8nGC/XJeZ3ca6+eg05/NNAdASTdKyw1hr2AcFXQn +JFFD1n28UEIUEFo/rzTDJT4883tY7ep9lXnVucEwvJD0mAmaJQWNkUxeZWo0EfNH +qjyauLqH +=BsNT -----END PGP SIGNATURE----- diff --git a/roles/winlogbeat/templates/winlogbeat.yml.j2 b/roles/winlogbeat/templates/winlogbeat.yml.j2 index 42ed888..e97301d 100644 --- a/roles/winlogbeat/templates/winlogbeat.yml.j2 +++ b/roles/winlogbeat/templates/winlogbeat.yml.j2 @@ -21,7 +21,7 @@ winlogbeat.event_logs: event_id: 200, 400, 403, 500, 501, 600, 800 - name: Microsoft-Windows-PowerShell/Operational - event_id: 4100, 4103, 4104, 4105, 4106, 4950, 5025 + event_id: 4100, 4103, 4104, 4105, 4106 - name: ForwardedEvents tags: [forwarded]