
Make rfc5424 field a boolean
adriansr committed Apr 19, 2021
1 parent 0fabc9f commit d739863
Showing 81 changed files with 358 additions and 348 deletions.
4 changes: 2 additions & 2 deletions filebeat/docs/fields.asciidoc
Expand Up @@ -34359,9 +34359,9 @@ type: text
*`cyberarkpas.audit.rfc5424`*::
+
--
Whether the syslog format complies with RFC5424 (yes or no).
Whether the syslog format complies with RFC5424.

type: keyword
type: boolean

example: True

4 changes: 2 additions & 2 deletions x-pack/filebeat/module/cyberarkpas/audit/_meta/fields.yml
Expand Up @@ -67,8 +67,8 @@
description: The reason entered by the user.
norms: false
- name: rfc5424
type: keyword
description: Whether the syslog format complies with RFC5424 (yes or no).
type: boolean
description: Whether the syslog format complies with RFC5424.
example: yes
- name: safe
type: keyword
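Review bot: `example: yes` at the end of the rfc5424 entry now relies on YAML 1.1 coercing the bare word `yes` to a boolean, which is why the generated asciidoc on this page renders the example as `True`; writing `example: true` states the intent directly and does not change meaning under a YAML 1.2 parser, where bare `yes` is a string. The description could also record where the boolean comes from, since the ingest pipeline in this commit derives it from the vendor's yes/no string: `description: Whether the syslog format complies with RFC5424 (derived by the ingest pipeline from the vendor's yes/no value).`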
10 changes: 10 additions & 0 deletions x-pack/filebeat/module/cyberarkpas/audit/ingest/pipeline.yml
Expand Up @@ -291,6 +291,16 @@ processors:
}
ctx.cyberarkpas.audit = keys_to_snake_case_recursive(ctx.cyberarkpas.audit);
#
# Convert rfc5424 field to boolean.
#
- script:
description: 'Converts the rfc5424 audit field to a boolean'
lang: painless
source: >
def value = ctx.cyberarkpas.audit.rfc5424;
ctx.cyberarkpas.audit["rfc5424"] = value == 'yes';
########################################################
# ECS enrichment
#
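Review bot: The Painless source `def value = ctx.cyberarkpas.audit.rfc5424; ctx.cyberarkpas.audit["rfc5424"] = value == 'yes';` writes `false` when the audit record has no rfc5424 element, so an absent vendor field becomes indistinguishable from an explicit `no`, and any spelling other than the exact lowercase `yes` is silently folded into `false` with the original value lost from the indexed document. Guarding the assignment keeps the field unset when the source omitted it: `if (value != null) { ctx.cyberarkpas.audit["rfc5424"] = value == 'yes'; }`. The fixtures on this page only show lowercase `yes`, so whether a case-insensitive comparison is warranted cannot be confirmed from here; if the vendor's casing varies, comparing on a lower-cased copy would avoid misreporting compliance. The enclosing `processors:` list starts and ends outside this hunk.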
Expand Up @@ -10,7 +10,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.reason": "Value=[Address]",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "Test",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Down Expand Up @@ -56,7 +56,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T09:11:54Z",
"cyberarkpas.audit.issuer": "PSMPApp_localhost.localdomain",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMPLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "81.32.170.205",
Expand Down Expand Up @@ -106,7 +106,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T18:46:48Z",
"cyberarkpas.audit.issuer": "PSMApp_VAGRANT",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "81.32.170.205",
Expand Down Expand Up @@ -157,7 +157,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.reason": "Value=[ASR-CYBERARK-WI]",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSM",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "35.192.121.42",
Expand Down Expand Up @@ -207,7 +207,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T22:20:12Z",
"cyberarkpas.audit.issuer": "PSMApp_ASR-WIN",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "35.192.121.42",
Expand Down Expand Up @@ -258,7 +258,7 @@
"cyberarkpas.audit.issuer": "PSMPApp_VAGRANT",
"cyberarkpas.audit.message": "Add File Category",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 11 08:59:58</Timestamp>\n <IsoTimestamp>2021-03-11T16:59:58Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>105</MessageID>\n <Desc>Add File Category</Desc>\n <Severity>Info</Severity>\n <Issuer>PSMPApp_VAGRANT</Issuer>\n <Action>Add File Category</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSMPLiveSessions</Safe>\n <File>Root\\PSMPApp_VAGRANT.LiveSessions</File>\n <Station>81.32.170.205</Station>\n <Location></Location>\n <Category>_PSMLiveSessions_1</Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Add File Category</Message>\n <GatewayStation></GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMPLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "81.32.170.205",
Expand Up @@ -10,7 +10,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.reason": "Value=[components] Old Value=[Address]",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "Test",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Down Expand Up @@ -56,7 +56,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T18:46:48Z",
"cyberarkpas.audit.issuer": "PSMApp_VAGRANT",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "81.32.170.205",
Expand Down Expand Up @@ -106,7 +106,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T22:20:12Z",
"cyberarkpas.audit.issuer": "PSMApp_ASR-WIN",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "35.192.121.42",
Expand Down Expand Up @@ -157,7 +157,7 @@
"cyberarkpas.audit.issuer": "PSMPApp_VAGRANT",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 11 09:38:26</Timestamp>\n <IsoTimestamp>2021-03-11T17:38:26Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>106</MessageID>\n <Desc>Update File Category</Desc>\n <Severity>Info</Severity>\n <Issuer>PSMPApp_VAGRANT</Issuer>\n <Action>Update File Category</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSMRecordings</Safe>\n <File>root\\87012dcc-8290-11eb-949e-080027efd402.session</File>\n <Station>81.32.170.205</Station>\n <Location></Location>\n <Category>PSMStatus</Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Update File Category</Message>\n <GatewayStation></GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMRecordings",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "81.32.170.205",
Expand Down Expand Up @@ -208,7 +208,7 @@
"cyberarkpas.audit.issuer": "PSMApp_ASR-WIN",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 11 12:10:33</Timestamp>\n <IsoTimestamp>2021-03-11T20:10:33Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>106</MessageID>\n <Desc>Update File Category</Desc>\n <Severity>Info</Severity>\n <Issuer>PSMApp_ASR-WIN</Issuer>\n <Action>Update File Category</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSMLiveSessions</Safe>\n <File>Root\\PSM-ASR-CYBERARK-WI.LiveSessions</File>\n <Station>34.66.114.180</Station>\n <Location></Location>\n <Category>_PSMLiveSessions_1</Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Update File Category</Message>\n <GatewayStation></GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "34.66.114.180",
Expand Down Expand Up @@ -259,7 +259,7 @@
"cyberarkpas.audit.issuer": "PSMPApp_SSH",
"cyberarkpas.audit.message": "Update File Category",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 14 06:49:38</Timestamp>\n <IsoTimestamp>2021-03-14T13:49:38Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>106</MessageID>\n <Desc>Update File Category</Desc>\n <Severity>Info</Severity>\n <Issuer>PSMPApp_SSH</Issuer>\n <Action>Update File Category</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSMPLiveSessions</Safe>\n <File>Root\\PSMPApp_SSH.LiveSessions</File>\n <Station>34.71.250.247</Station>\n <Location></Location>\n <Category>_PSMLiveSessions_1</Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Update File Category</Message>\n <GatewayStation></GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSMPLiveSessions",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "34.71.250.247",
Expand Up @@ -11,7 +11,7 @@
"cyberarkpas.audit.message": "Delete File Category",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 15 03:22:24</Timestamp>\n <IsoTimestamp>2021-03-15T10:22:24Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>107</MessageID>\n <Desc>Delete File Category</Desc>\n <Severity>Info</Severity>\n <Issuer>Administrator</Issuer>\n <Action>Delete File Category</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>partner</Safe>\n <File>Root\\Operating System-UnixSSH-34.123.103.115-testark</File>\n <Station>127.0.0.1</Station>\n <Location></Location>\n <Category>LastFailDate</Category>\n <RequestId></RequestId>\n <Reason>Old Value=[1615803137]</Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Delete File Category</Message>\n <GatewayStation>10.0.1.20</GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.reason": "Old Value=[1615803137]",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "partner",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Up @@ -9,7 +9,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Rename File",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 14 06:42:20</Timestamp>\n <IsoTimestamp>2021-03-14T13:42:20Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>124</MessageID>\n <Desc>Rename File</Desc>\n <Severity>Info</Severity>\n <Issuer>Administrator</Issuer>\n <Action>Rename File</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSM</Safe>\n <File>Root\\Operating System-UnixSSH-34.123.103.115-PSMConnect</File>\n <Station>127.0.0.1</Station>\n <Location></Location>\n <Category></Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Rename File</Message>\n <GatewayStation>10.0.1.20</GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSM",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Up @@ -9,7 +9,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Rename File (Cont.)",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 14 06:42:20</Timestamp>\n <IsoTimestamp>2021-03-14T13:42:20Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>125</MessageID>\n <Desc>Rename File (Cont.)</Desc>\n <Severity>Info</Severity>\n <Issuer>Administrator</Issuer>\n <Action>Rename File (Cont.)</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>PSM</Safe>\n <File>Operating System-UnixSSH-34.71.250.247-PSMConnect</File>\n <Station>127.0.0.1</Station>\n <Location></Location>\n <Category></Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Rename File (Cont.)</Message>\n <GatewayStation>10.0.1.20</GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PSM",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Up @@ -7,7 +7,7 @@
"cyberarkpas.audit.iso_timestamp": "2021-03-10T18:33:34Z",
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Unlock File",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "PVWAConfig",
"cyberarkpas.audit.severity": "Info",
"cyberarkpas.audit.station": "127.0.0.1",
Expand Up @@ -25,7 +25,7 @@
"cyberarkpas.audit.message": "CPM Disable Password",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 15 05:57:13</Timestamp>\n <IsoTimestamp>2021-03-15T12:57:13Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>130</MessageID>\n <Desc>CPM Disable Password</Desc>\n <Severity>Error</Severity>\n <Issuer>PasswordManager</Issuer>\n <Action>CPM Disable Password</Action>\n <SourceUser></SourceUser>\n <TargetUser></TargetUser>\n <Safe>partner</Safe>\n <File>Root\\Operating System-WinDomain-35.192.121.42-ELASTICbart</File>\n <Station>10.0.1.20</Station>\n <Location></Location>\n <Category></Category>\n <RequestId></RequestId>\n <Reason>MaxRetries. Failure Description: CACPM406E Reconciling Master Safe: partner, Folder: Root, Object: Operating System-WinDomain-35.192.121.42-ELASTICbart failed (try #5). Code: 2101, Error: Parameter Reconcile account is mandatory but has an empty value or is not defined\n</Reason>\n <ExtraDetails>address=34.66.114.180;retriescount=5;username=ELASTIC\\bart;</ExtraDetails>\n <Message>CPM Disable Password</Message>\n <GatewayStation></GatewayStation>\n <CAProperties>\n <CAProperty Name=\"PolicyID\" Value=\"WinDomain\"></CAProperty>\n <CAProperty Name=\"UserName\" Value=\"ELASTIC\\bart\"></CAProperty>\n <CAProperty Name=\"Address\" Value=\"34.66.114.180\"></CAProperty>\n <CAProperty Name=\"ResetImmediately\" Value=\"ReconcileTask\"></CAProperty>\n <CAProperty Name=\"CPMStatus\" Value=\"failure\"></CAProperty>\n <CAProperty Name=\"CPMDisabled\" Value=\"(CPM)MaxRetries\"></CAProperty>\n <CAProperty Name=\"RetriesCount\" Value=\"5\"></CAProperty>\n <CAProperty Name=\"LastFailDate\" Value=\"1615813031\"></CAProperty>\n <CAProperty Name=\"LastTask\" Value=\"ReconcileTask\"></CAProperty>\n <CAProperty Name=\"LogonDomain\" Value=\"34.66.114.180\"></CAProperty>\n <CAProperty Name=\"CPMErrorDetails\" Value=\"Parameter Reconcile account is mandatory but has an empty 
value or is not defined\"></CAProperty>\n <CAProperty Name=\"CreationMethod\" Value=\"PVWA\"></CAProperty>\n <CAProperty Name=\"DeviceType\" Value=\"Operating System\"></CAProperty>\n </CAProperties>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.reason": "MaxRetries. Failure Description: CACPM406E Reconciling Master Safe: partner, Folder: Root, Object: Operating System-WinDomain-35.192.121.42-ELASTICbart failed (try #5). Code: 2101, Error: Parameter Reconcile account is mandatory but has an empty value or is not defined\n",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.safe": "partner",
"cyberarkpas.audit.severity": "Error",
"cyberarkpas.audit.station": "10.0.1.20",
Expand Up @@ -7,7 +7,7 @@
"cyberarkpas.audit.issuer": "Administrator",
"cyberarkpas.audit.message": "Get User's Details",
"cyberarkpas.audit.raw": "<syslog>\n\n <audit_record>\n <Rfc5424>yes</Rfc5424>\n <Timestamp>Mar 11 10:45:23</Timestamp>\n <IsoTimestamp>2021-03-11T18:45:23Z</IsoTimestamp>\n <Hostname>VAULT</Hostname>\n <Vendor>Cyber-Ark</Vendor>\n <Product>Vault</Product>\n <Version>11.7.0000</Version>\n <MessageID>178</MessageID>\n <Desc>Get User's Details</Desc>\n <Severity>Error</Severity>\n <Issuer>Administrator</Issuer>\n <Action>Get User's Details</Action>\n <SourceUser>Master</SourceUser>\n <TargetUser></TargetUser>\n <Safe></Safe>\n <File></File>\n <Station>127.0.0.1</Station>\n <Location></Location>\n <Category></Category>\n <RequestId></RequestId>\n <Reason></Reason>\n <ExtraDetails></ExtraDetails>\n <Message>Get User's Details</Message>\n <GatewayStation></GatewayStation>\n </audit_record>\n\n</syslog>",
"cyberarkpas.audit.rfc5424": "yes",
"cyberarkpas.audit.rfc5424": true,
"cyberarkpas.audit.severity": "Error",
"cyberarkpas.audit.source_user": "Master",
"cyberarkpas.audit.station": "127.0.0.1",
