Update 900000-exclusion_rules.xml

2025-10-23 00:02:11 +00:00 · 2025-07-03 10:32:25 -05:00
parent dbe19557bd
commit 3225f84874
1 changed files with 2 additions and 2 deletions
--- a/Rules/900000-exclusion_rules.xml
+++ b/Rules/900000-exclusion_rules.xml
@@ -838,8 +838,8 @@
  <!-- Exclude Graylog Java Process for Tetragon -->
  <rule id="900117" level="1">
    <if_sid>700002</if_sid>
-    <field name="process.kprobe.process.binary" type="pcre2">^\/usr\/share\/graylog-server\/jvm\/bin\/java$</field>
-    <description>Exclude ossec</description>
+    <field name="process_kprobe.process.binary" type="pcre2">^\/usr\/share\/graylog\-server\/jvm\/bin\/java$</field>
+    <description>Exclude Graylog Java</description>
    <options>no_full_log</options>
  </rule>
  <!-- Exclude Ossec Process -->