mirror of https://github.com/kellyjonbrazil/jc.git synced 2026-04-07 17:57:03 +02:00
jc/tests/fixtures/generic/cef-streaming.json

[{"deviceVendor":"Fortinet","deviceProduct":"FortiDeceptor","deviceVersion":"3.2.0","deviceEventClassId":"1","name":"SYSTEM","agentSeverity":"1","CEFVersion":0,"date":"2020-12-08","time":"16:59:33","logid":"0136000001","type":"event","subtype":"attack","level":"alert","user":"system","ui":"GUI","action":"Incident_Detection","status":"success","reason":"none","EventID":"1845921387423247329","IncidentID":"1845921507147395878","Tagkey":"192.168.100.1:59840:192.168.100.21:1836840592250413230","AttackerIP":"192.168.100.1","AttackerPort":"59840","VictimIP":"192.168.100.21","VictimPort":"445","Operation":"Logon_via_net_share","Service":"SAMBA","Username":"glen","Password":"lovely","Description":"\"SAMBA Login with password: lovely\"\"","agentSeverityString":"Low","agentSeverityNum":1,"deviceEventClassIdNum":1},{"deviceVendor":"Fortinet","deviceProduct":"FortiDeceptor","deviceVersion":"3.2.0","deviceEventClassId":"1","name":"SYSTEM","agentSeverity":"1","CEFVersion":0,"date":"2020-12-08","time":"16:59:33","logid":"0136000001","type":"event","subtype":"attack","level":"alert","user":"system","ui":"GUI","action":"Incident_Detection","status":"success","reason":"none","EventID":"1845921387423247329","IncidentID":"1845921507147395878","Tagkey":"192.168.100.1:59840:192.168.100.21:1836840592250413230","AttackerIP":"192.168.100.1","AttackerPort":"59840","VictimIP":"192.168.100.21","VictimPort":"445","Operation":"Logon_via_net_share","Service":"SAMBA","Username":"glen","Password":"lovely","Description":"\"this is a description\"\"","agentSeverityString":"Low","agentSeverityNum":1,"deviceEventClassIdNum":1},{"deviceVendor":"Trend Micro","deviceProduct":"Deep Security Agent","deviceVersion":"<DSA version>","deviceEventClassId":"4000000","name":"Eicar_test_file","agentSeverity":"6","CEFVersion":0,"dvchost":"hostname","string":"hello \"world\" this is a backslash: \\ and this is a bracket 
]!","another":"field","Host_ID":1,"Quarantine":205,"agentSeverityString":"Medium","agentSeverityNum":6,"deviceEventClassIdNum":4000000},{"deviceVendor":"Trend Micro","deviceProduct":"Deep Security Agent","deviceVersion":"<DSA version>","deviceEventClassId":"4000000","name":"Eicar_test_file","agentSeverity":"Medium","CEFVersion":0,"dvchost":"hostname","filePath":"C:\\Users\\trend\\Desktop\\eicar.exe","act":"Delete","result":"Delete","msg":"Realtime","TrendMicroDsMalwareTarget":"N/A","N_TrendMicroDsFileMD5":"44D88612FEA8A8F36DE82E1278ABB02F","TrendMicroDsFileSHA1":"3395856CE81F2B7382DEE72602F798B642F14140","TrendMicroDsFileSHA256":"275A021BBFB6489E54D471899F7DB9D1663FC695EC2FE2A2C4538AABF651FD0F","TrendMicroDsDetectionConfidence":"95","TrendMicroDsRelevantDetectionNames":"Ransom_CERBER.BZC;Ransom_CERBER.C;Ransom_CRYPNISCA.SM","Host_ID":1,"Quarantine_File_Size":205,"Container":"ContainerImageName | ContainerName | ContainerID","agentSeverityString":"Medium","agentSeverityNum":null,"deviceEventClassIdNum":4000000},{"deviceVendor":"Trend Micro","deviceProduct":"Deep Security Agent","deviceVersion":"<DSA version>","deviceEventClassId":"4000000","name":"Eicar_test_file","agentSeverity":"6","CEFVersion":0,"dvchost":"hostname","string":"hello \"world\" this is a backslash: \\ and this is a bracket ] this is equal =, this is pipe |, this is newline \n and another newline \n the end!","another":"field","Host_ID":1,"Quarantine":205,"agentSeverityString":"Medium","agentSeverityNum":6,"deviceEventClassIdNum":4000000},{"deviceVendor":"Trend Micro","deviceProduct":"Deep Security Agent","deviceVersion":"<DSA version>","deviceEventClassId":"4000000","name":"Eicar_test_file","agentSeverity":"6","CEFVersion":0,"dvchost":"hostname","string":"hello \"world\" this is a backslash: \\ and this is a bracket ]!","another":"field","start":"Nov 08 2020 12:30:00.111 UTC","start_epoch":1604867400,"start_epoch_utc":1604838600,"Host_ID":1,"Quarantine":205,"myDate":"Nov 08 2022 
12:30:00.111","myDate_epoch":1667939400,"myDate_epoch_utc":null,"myFloat":3.14,"myTimestampDate":"1660966164045","myTimestampDate_epoch":1660966164,"myTimestampDate_epoch_utc":null,"agentSeverityString":"Medium","ag