From 88acaea92391270cd49682eee6b312dafea0c2ce Mon Sep 17 00:00:00 2001 From: Laurence Jones Date: Wed, 20 Nov 2024 14:54:43 +0000 Subject: [PATCH] Readd alert context due to 1.6.4 (#1173) * Readd alert context due to 1.6.4 * Update index --------- Co-authored-by: GitHub Action --- .index.json | 8 ++++++-- contexts/crowdsecurity/appsec_base.yaml | 11 +++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/.index.json b/.index.json index 3a37b8b6da9..03950f67ede 100644 --- a/.index.json +++ b/.index.json @@ -6307,7 +6307,7 @@ "contexts": { "crowdsecurity/appsec_base": { "path": "contexts/crowdsecurity/appsec_base.yaml", - "version": "0.5", + "version": "0.6", "versions": { "0.1": { "digest": "df177378b9b01c6c8b67ff5085eda9325c67b337e31d60c4ea95f743783a5e24", @@ -6328,9 +6328,13 @@ "0.5": { "digest": "c6df9994a6e82165afa99df96993af81e12d6740e57a8955b96a0bc0a428e2aa", "deprecated": false + }, + "0.6": { + "digest": "9523c172a9aebbb4422d9cd39eb4ad89221053e522223f7c65ba0bf92f8fa8ff", + "deprecated": false } }, - "content": "Y29udGV4dDoKICBydWxlczoKICAgIC0gZXZ0Lk1ldGEucnVsZV9uYW1lCiAgdGFyZ2V0X3VyaToKICAgIC0gZXZ0Lk1ldGEudGFyZ2V0X3VyaQo=", + "content": "Y29udGV4dDoKICBydWxlczoKICAgIC0gZXZ0Lk1ldGEucnVsZV9uYW1lCiAgdGFyZ2V0X3VyaToKICAgIC0gZXZ0Lk1ldGEudGFyZ2V0X3VyaQogICAgLSBtYXRjaC51cmkKICBpZDoKICAgLSBtYXRjaC5pZAogIG5hbWU6CiAgIC0gbWF0Y2gubmFtZQogIG1ldGhvZDoKICAgLSBtYXRjaC5tZXRob2QKICBtYXRjaGVkX3pvbmVzOgogICAtIG1hdGNoLm1hdGNoZWRfem9uZXMKICBtc2c6CiAgIC0gbWF0Y2gubXNnCg==", "author": "crowdsecurity", "labels": null }, diff --git a/contexts/crowdsecurity/appsec_base.yaml b/contexts/crowdsecurity/appsec_base.yaml index 85bc472269d..f1edbeb1f0e 100644 --- a/contexts/crowdsecurity/appsec_base.yaml +++ b/contexts/crowdsecurity/appsec_base.yaml @@ -3,3 +3,14 @@ context: - evt.Meta.rule_name target_uri: - evt.Meta.target_uri + - match.uri + id: + - match.id + name: + - match.name + method: + - match.method + matched_zones: + - match.matched_zones + msg: + - match.msg