mig/actions/tests_windows.json

{
    "name": "Some tests for windows",
    "description": {
        "author": "Julien Vehent",
        "email": "ulfr@mozilla.com",
        "revision": 201409031800
    },
    "target": "agents.environment->>'os' = 'windows'",
    "threat": {
        "level": "-",
        "family": "test"
    },
    "operations": [
        {
            "module": "file",
            "parameters": {
                "etchosts": {
                    "paths": [
                        "C:\\Windows\\System32\\drivers\\etc\\hosts"
                    ],
                    "regexes": [
                        "localhost",
                        "127.0.0.1"
                    ]
                },
                "systemsearch": {
                    "paths": [
                        "C:\\Windows\\System32\\"
                    ],
                    "md5": [
                        "c6e35b4cdad5ee02f14215facc710c85"
                    ]
                }
            }
        }
    ],
    "syntaxversion": 2
}
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`{`
			`"name": "Some tests for windows",`
			`"description": {`
			`"author": "Julien Vehent",`
			`"email": "ulfr@mozilla.com",`
[doc] updated example actions to new filechecker format 2014-09-04 02:07:21 +04:00			`"revision": 201409031800`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`},`
[doc] update targets in example actions 2015-02-12 01:09:26 +03:00			`"target": "agents.environment->>'os' = 'windows'",`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`"threat": {`
			`"level": "-",`
			`"family": "test"`
			`},`
			`"operations": [`
			`{`
[doc] fix module name in example actions 2015-01-21 04:44:14 +03:00			`"module": "file",`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`"parameters": {`
[doc] updated example actions to new filechecker format 2014-09-04 02:07:21 +04:00			`"etchosts": {`
			`"paths": [`
			`"C:\\Windows\\System32\\drivers\\etc\\hosts"`
			`],`
			`"regexes": [`
			`"localhost",`
			`"127.0.0.1"`
			`]`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`},`
[doc] updated example actions to new filechecker format 2014-09-04 02:07:21 +04:00			`"systemsearch": {`
			`"paths": [`
			`"C:\\Windows\\System32\\"`
			`],`
			`"md5": [`
			`"c6e35b4cdad5ee02f14215facc710c85"`
			`]`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`}`
			`}`
			`}`
			`],`
[major] Action Syntax Version 2: use SQL WHERE condition in target search 2014-08-26 17:55:17 +04:00			`"syntaxversion": 2`
[major] Windows Agent!!! (required logging refactoring and some bug fixes) 2014-07-30 21:09:43 +04:00			`}`