alert syslog $EXTERNAL_NET any -> $HOME_NET any (msg: "[BIT9] Computer reported that signature on file is invalid"; content: "reported that signature on file"; content: "is invalid"; content: "Bit9 event"; parse_src_ip: 1; program: 1|bit9; classtype: system-event; sid: 5002925; rev:1;)
-- Main.Sagan-Wiki-Add - 2016-8-30 New revisions of 5002925 will be below...
alert any $EXTERNAL_NET any -> $HOME_NET any (msg: "[CARBONBLACK] Computer reported that signature on file is invalid"; content: "reported that signature on file"; content: "is invalid"; content: "event"; parse_src_ip: 1; program: 1|bit9|carbonblack; classtype: system-event; sid: 5002925; rev:3;)
-- Main.Sagan-Wiki-Add - 2021-4-12
Edit | Attach | Topic revision: r1 - 2016-08-30 - Sagan-Wiki-Add
Site map
Main web
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
Copyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback