HEX

Warning: set_time_limit() [function.set-time-limit]: Cannot set time limit - prohibited by configuration in /home/u547966/brikov.ru/www/wp-content/plugins/admin-menu-editor/menu-editor.php on line 745
Server: Apache
System: Linux 4.19.0-0.bpo.9-amd64 x86_64 at red40
User: u547966 (5490)
PHP: 5.3.29-mh2
Disabled: syslog, dl, popen, proc_open, proc_nice, proc_get_status, proc_close, proc_terminate, posix_mkfifo, chown, chgrp, accelerator_reset, opcache_reset, accelerator_get_status, opcache_get_status, pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority
$ pwd: /usr/share/filebeat/module/crowdstrike/falcon/ingest/
Upload Files
File: //usr/share/filebeat/module/crowdstrike/falcon/ingest/auth_activity_audit.yml
processors:
  - set:
      field: event.kind
      value: event
  - append:
      field: event.category
      value: [authentication]
  - append:
      field: event.type
      value: [change]
  - set:
      field: event.dataset
      value: crowdstrike.falcon_audit
  - convert:
      field: crowdstrike.event.ServiceName
      type: string
      target_field: message
      ignore_failure: true
      ignore_missing: true
  - convert:
      field: crowdstrike.event.UserIp
      target_field: source.ip
      type: ip
      ignore_missing: true
      ignore_failure: true
  - script:
      lang: painless
      source: |
        def regex = /([a-z0-9])([A-Z])/;
        def replacement = "$1_$2";
        def action = ctx?.crowdstrike?.event?.OperationName;
        if (action == null || action == "") return;
        ctx["event.action"] = regex.matcher(action).replaceAll(replacement).toLowerCase();
@ Telegram