paulmataruso/main
1
0
Fork 0
mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-11-02 04:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ab0ec432dfc9cc5660b15fed521006f547ae20c2
main/Maltrail
History
taylor_socfortress 220bc35b3e Create maltrail_decoders.xml
2023-03-23 07:05:08 -05:00
..
100630-maltrail.xml
Create 100630-maltrail.xml
2023-03-23 07:03:45 -05:00
maltrail_decoders.xml
Create maltrail_decoders.xml
2023-03-23 07:05:08 -05:00
README.MD
Update README.MD
2023-03-23 07:04:30 -05:00

README.MD

maltrail-wazuh-decoder-and-rules

Maltrail decoder and rules for Wazuh Open Source Security Platform.

Initial pull request

https://github.com/wazuh/wazuh/pull/7031

Adding Maltrail rules and decoders

Ref: https://documentation.wazuh.com/current/user-manual/ruleset/custom.html

NOTE: IDs 0510 and 0705 are the original ones from https://github.com/wazuh/wazuh/pull/7031 .

You must use your own IDs for Maltrail rules and decoder in Wazuh implementations you have in the range from 100000 to 120000 due to Wazuh's requirements: Adding new decoders and rules.

Authors

  • Michael Muenz
  • Julián Morales

Links

Maltrail Project

Wazuh Project

Reference in New Issue View Git Blame Copy Permalink