Skip to content

Commit aceab14

Browse files
author
Patrick Bareiss
committed
improvements to github detections
1 parent feaaae4 commit aceab14

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

detections/cloud/github_enterprise_remove_organization.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ data_source:
1515
- GitHub Enterprise Audit Logs
1616
search: '`github_enterprise` action=business.remove_organization
1717
| fillnull
18-
| stats count min(_time) as firstTime max(_time) as lastTime by actor, actor_id, actor_ip, actor_is_bot, actor_location.country_code, business, business_id, org, org_id, user_agent, action
18+
| stats count min(_time) as firstTime max(_time) as lastTime by actor, actor_id, actor_is_bot, actor_location.country_code, business, business_id, org, org_id, user_agent, action
1919
| eval user=actor
2020
| `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)`
2121
| `github_enterprise_remove_organization_filter`'

detections/cloud/github_enterprise_repository_deleted.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ data_source:
1515
- GitHub Enterprise Audit Logs
1616
search: '`github_enterprise` action=repo.destroy
1717
| fillnull
18-
| stats count min(_time) as firstTime max(_time) as lastTime by actor, actor_id, actor_ip, actor_is_bot, actor_location.country_code, business, business_id, org, org_id, repo, repo_id, user_agent, visibility, action
18+
| stats count min(_time) as firstTime max(_time) as lastTime by actor, actor_id, actor_is_bot, actor_location.country_code, business, business_id, org, org_id, repo, repo_id, user_agent, visibility, action
1919
| eval user=actor
2020
| `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)`
2121
| `github_enterprise_repository_deleted_filter`'

0 commit comments

Comments
 (0)