зеркало из https://github.com/mozilla/MozDef.git
{
// Severity that the alert is (de-)escalated to or from in the case
// that movement from one ASN (autonomous system number) to another is detected in the alert.
"asn_movement_severity": "DEBUG",
// Default severity of alert
"severity": "INFO",
"localities": {
"es_index": "localities",
"valid_duration_days": 1,
"radius_kilometres": 50
},
"events": {
"search_window": {
"minutes": 5
},
"lucene_query": "tags:auth0"
},
"whitelist": {
"users": [],
"cidrs": []
},
"factors": {
"asn_movement": null
}
}