diff --git a/contentctl.yml b/contentctl.yml
index 5f224e985d..203318285b 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -137,9 +137,9 @@ apps:
 - uid: 1876
 title: Splunk Add-on for AWS
 appid: Splunk_TA_aws
- version: 7.8.0
+ version: 7.9.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_780.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_790.tgz
 - uid: 3088
 title: Splunk Add-on for Google Cloud Platform
 appid: SPLUNK_ADD_ON_FOR_GOOGLE_CLOUD_PLATFORM
@@ -161,9 +161,9 @@ apps:
 - uid: 4055
 title: Splunk Add-on for Microsoft Office 365
 appid: SPLUNK_ADD_ON_FOR_MICROSOFT_OFFICE_365
- version: 4.6.0
+ version: 4.7.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_460.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_470.tgz
 - uid: 2890
 title: Splunk Machine Learning Toolkit
 appid: SPLUNK_MACHINE_LEARNING_TOOLKIT
diff --git a/data_sources/aws_cloudfront.yml b/data_sources/aws_cloudfront.yml
index 1400f32c2f..c4f146026d 100644
--- a/data_sources/aws_cloudfront.yml
+++ b/data_sources/aws_cloudfront.yml
@@ -9,7 +9,7 @@ sourcetype: aws:cloudfront:accesslogs
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail.yml b/data_sources/aws_cloudtrail.yml
index c78b3aa32c..af1afc59c0 100644
--- a/data_sources/aws_cloudtrail.yml
+++ b/data_sources/aws_cloudtrail.yml
@@ -10,4 +10,4 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
diff --git a/data_sources/aws_cloudtrail_assumerolewithsaml.yml b/data_sources/aws_cloudtrail_assumerolewithsaml.yml
index 72a59101ec..ef4041930f 100644
--- a/data_sources/aws_cloudtrail_assumerolewithsaml.yml
+++ b/data_sources/aws_cloudtrail_assumerolewithsaml.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_consolelogin.yml b/data_sources/aws_cloudtrail_consolelogin.yml
index 58c0680484..0ddc77ce93 100644
--- a/data_sources/aws_cloudtrail_consolelogin.yml
+++ b/data_sources/aws_cloudtrail_consolelogin.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_copyobject.yml b/data_sources/aws_cloudtrail_copyobject.yml
index af436ffcae..44fabed1bb 100644
--- a/data_sources/aws_cloudtrail_copyobject.yml
+++ b/data_sources/aws_cloudtrail_copyobject.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_createaccesskey.yml b/data_sources/aws_cloudtrail_createaccesskey.yml
index ee16fdf61e..4834e03b5d 100644
--- a/data_sources/aws_cloudtrail_createaccesskey.yml
+++ b/data_sources/aws_cloudtrail_createaccesskey.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createkey.yml b/data_sources/aws_cloudtrail_createkey.yml
index e2e5558352..8c2aa289b1 100644
--- a/data_sources/aws_cloudtrail_createkey.yml
+++ b/data_sources/aws_cloudtrail_createkey.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createloginprofile.yml b/data_sources/aws_cloudtrail_createloginprofile.yml
index 58af82c30a..7f09482a94 100644
--- a/data_sources/aws_cloudtrail_createloginprofile.yml
+++ b/data_sources/aws_cloudtrail_createloginprofile.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createnetworkaclentry.yml b/data_sources/aws_cloudtrail_createnetworkaclentry.yml
index 9b9691d078..b9eb2d9e66 100644
--- a/data_sources/aws_cloudtrail_createnetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_createnetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createpolicyversion.yml b/data_sources/aws_cloudtrail_createpolicyversion.yml
index d0460c7249..49b4ea9e54 100644
--- a/data_sources/aws_cloudtrail_createpolicyversion.yml
+++ b/data_sources/aws_cloudtrail_createpolicyversion.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createsnapshot.yml b/data_sources/aws_cloudtrail_createsnapshot.yml
index a2399c10fc..d8140341e4 100644
--- a/data_sources/aws_cloudtrail_createsnapshot.yml
+++ b/data_sources/aws_cloudtrail_createsnapshot.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createtask.yml b/data_sources/aws_cloudtrail_createtask.yml
index d3d9b4ab0f..64c885e902 100644
--- a/data_sources/aws_cloudtrail_createtask.yml
+++ b/data_sources/aws_cloudtrail_createtask.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
index fc456a999f..579ea87956 100644
--- a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
+++ b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deactivatemfadevice.yml b/data_sources/aws_cloudtrail_deactivatemfadevice.yml
index 3c92dc2d44..bfef68070f 100644
--- a/data_sources/aws_cloudtrail_deactivatemfadevice.yml
+++ b/data_sources/aws_cloudtrail_deactivatemfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
index ee3b0b9c82..3998089a44 100644
--- a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletealarms.yml b/data_sources/aws_cloudtrail_deletealarms.yml
index 98d2395efb..d7b436d019 100644
--- a/data_sources/aws_cloudtrail_deletealarms.yml
+++ b/data_sources/aws_cloudtrail_deletealarms.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletedetector.yml b/data_sources/aws_cloudtrail_deletedetector.yml
index ce9406543a..df3b6cea4e 100644
--- a/data_sources/aws_cloudtrail_deletedetector.yml
+++ b/data_sources/aws_cloudtrail_deletedetector.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deletegroup.yml b/data_sources/aws_cloudtrail_deletegroup.yml
index 688e96e193..f383f21440 100644
--- a/data_sources/aws_cloudtrail_deletegroup.yml
+++ b/data_sources/aws_cloudtrail_deletegroup.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleteipset.yml b/data_sources/aws_cloudtrail_deleteipset.yml
index 1f76149345..9e70698a5f 100644
--- a/data_sources/aws_cloudtrail_deleteipset.yml
+++ b/data_sources/aws_cloudtrail_deleteipset.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deleteloggroup.yml b/data_sources/aws_cloudtrail_deleteloggroup.yml
index 31b740396c..936f52788a 100644
--- a/data_sources/aws_cloudtrail_deleteloggroup.yml
+++ b/data_sources/aws_cloudtrail_deleteloggroup.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletelogstream.yml b/data_sources/aws_cloudtrail_deletelogstream.yml
index 4841aec219..591ea64693 100644
--- a/data_sources/aws_cloudtrail_deletelogstream.yml
+++ b/data_sources/aws_cloudtrail_deletelogstream.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
index 8c53796b86..7c0003f08b 100644
--- a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletepolicy.yml b/data_sources/aws_cloudtrail_deletepolicy.yml
index 096c4026e2..44cd10188c 100644
--- a/data_sources/aws_cloudtrail_deletepolicy.yml
+++ b/data_sources/aws_cloudtrail_deletepolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleterule.yml b/data_sources/aws_cloudtrail_deleterule.yml
index f2b725a0e0..545fbcec9a 100644
--- a/data_sources/aws_cloudtrail_deleterule.yml
+++ b/data_sources/aws_cloudtrail_deleterule.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletesnapshot.yml b/data_sources/aws_cloudtrail_deletesnapshot.yml
index 82866ae3d2..6b586a2a3e 100644
--- a/data_sources/aws_cloudtrail_deletesnapshot.yml
+++ b/data_sources/aws_cloudtrail_deletesnapshot.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletetrail.yml b/data_sources/aws_cloudtrail_deletetrail.yml
index 88bf30f9f2..1555fafdac 100644
--- a/data_sources/aws_cloudtrail_deletetrail.yml
+++ b/data_sources/aws_cloudtrail_deletetrail.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
index d2f8003473..e03ef28b7d 100644
--- a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
+++ b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletewebacl.yml b/data_sources/aws_cloudtrail_deletewebacl.yml
index f92db83a7e..2368ae2314 100644
--- a/data_sources/aws_cloudtrail_deletewebacl.yml
+++ b/data_sources/aws_cloudtrail_deletewebacl.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_describeeventaggregates.yml b/data_sources/aws_cloudtrail_describeeventaggregates.yml
index a5e0230d21..ae72fb9931 100644
--- a/data_sources/aws_cloudtrail_describeeventaggregates.yml
+++ b/data_sources/aws_cloudtrail_describeeventaggregates.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_describeimagescanfindings.yml b/data_sources/aws_cloudtrail_describeimagescanfindings.yml
index cf68317cb3..79696cbffc 100644
--- a/data_sources/aws_cloudtrail_describeimagescanfindings.yml
+++ b/data_sources/aws_cloudtrail_describeimagescanfindings.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
index 793f643fe7..376fecc828 100644
--- a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_getobject.yml b/data_sources/aws_cloudtrail_getobject.yml
index f0df3b9d63..27d29dea5d 100644
--- a/data_sources/aws_cloudtrail_getobject.yml
+++ b/data_sources/aws_cloudtrail_getobject.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_getpassworddata.yml b/data_sources/aws_cloudtrail_getpassworddata.yml
index 43085b0811..fc6857d804 100644
--- a/data_sources/aws_cloudtrail_getpassworddata.yml
+++ b/data_sources/aws_cloudtrail_getpassworddata.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_jobcreated.yml b/data_sources/aws_cloudtrail_jobcreated.yml
index 5b07052a21..b33710f139 100644
--- a/data_sources/aws_cloudtrail_jobcreated.yml
+++ b/data_sources/aws_cloudtrail_jobcreated.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifydbinstance.yml b/data_sources/aws_cloudtrail_modifydbinstance.yml
index 5aa82d23e4..813b021c40 100644
--- a/data_sources/aws_cloudtrail_modifydbinstance.yml
+++ b/data_sources/aws_cloudtrail_modifydbinstance.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifyimageattribute.yml b/data_sources/aws_cloudtrail_modifyimageattribute.yml
index 0cca19f5ba..e73a70ec35 100644
--- a/data_sources/aws_cloudtrail_modifyimageattribute.yml
+++ b/data_sources/aws_cloudtrail_modifyimageattribute.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
index b71ea90df8..373a15ede9 100644
--- a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
+++ b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_putbucketacl.yml b/data_sources/aws_cloudtrail_putbucketacl.yml
index 072a543d8b..10765a8703 100644
--- a/data_sources/aws_cloudtrail_putbucketacl.yml
+++ b/data_sources/aws_cloudtrail_putbucketacl.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_putbucketlifecycle.yml b/data_sources/aws_cloudtrail_putbucketlifecycle.yml
index dd1735e739..c9d8491a16 100644
--- a/data_sources/aws_cloudtrail_putbucketlifecycle.yml
+++ b/data_sources/aws_cloudtrail_putbucketlifecycle.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putbucketreplication.yml b/data_sources/aws_cloudtrail_putbucketreplication.yml
index 750030b709..50c9bb4051 100644
--- a/data_sources/aws_cloudtrail_putbucketreplication.yml
+++ b/data_sources/aws_cloudtrail_putbucketreplication.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putbucketversioning.yml b/data_sources/aws_cloudtrail_putbucketversioning.yml
index 84822548b5..4d928ee0d2 100644
--- a/data_sources/aws_cloudtrail_putbucketversioning.yml
+++ b/data_sources/aws_cloudtrail_putbucketversioning.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putimage.yml b/data_sources/aws_cloudtrail_putimage.yml
index e58d7beaf2..707c03fcf6 100644
--- a/data_sources/aws_cloudtrail_putimage.yml
+++ b/data_sources/aws_cloudtrail_putimage.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_putkeypolicy.yml b/data_sources/aws_cloudtrail_putkeypolicy.yml
index 884fde1d98..9b2786fadb 100644
--- a/data_sources/aws_cloudtrail_putkeypolicy.yml
+++ b/data_sources/aws_cloudtrail_putkeypolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
index 0971fe7242..4ce1405960 100644
--- a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
index e6203dfbf5..9797971379 100644
--- a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
+++ b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_stoplogging.yml b/data_sources/aws_cloudtrail_stoplogging.yml
index 40f573bf75..f285ce143e 100644
--- a/data_sources/aws_cloudtrail_stoplogging.yml
+++ b/data_sources/aws_cloudtrail_stoplogging.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
index 302b3d86f2..de90a002fe 100644
--- a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updateloginprofile.yml b/data_sources/aws_cloudtrail_updateloginprofile.yml
index ec0fb755c7..6978637a08 100644
--- a/data_sources/aws_cloudtrail_updateloginprofile.yml
+++ b/data_sources/aws_cloudtrail_updateloginprofile.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updatesamlprovider.yml b/data_sources/aws_cloudtrail_updatesamlprovider.yml
index 089450c766..2f2cd5b188 100644
--- a/data_sources/aws_cloudtrail_updatesamlprovider.yml
+++ b/data_sources/aws_cloudtrail_updatesamlprovider.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updatetrail.yml b/data_sources/aws_cloudtrail_updatetrail.yml
index 77e7134208..f22ec6b7ba 100644
--- a/data_sources/aws_cloudtrail_updatetrail.yml
+++ b/data_sources/aws_cloudtrail_updatetrail.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudwatchlogs_vpcflow.yml b/data_sources/aws_cloudwatchlogs_vpcflow.yml
index 826f3aa9ed..b20242046f 100644
--- a/data_sources/aws_cloudwatchlogs_vpcflow.yml
+++ b/data_sources/aws_cloudwatchlogs_vpcflow.yml
@@ -9,7 +9,7 @@ sourcetype: aws:cloudwatchlogs:vpcflow
 separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
- version: 7.8.0
+ version: 7.9.0
 url: https://splunkbase.splunk.com/app/1876
 fields:
 - _raw
diff --git a/data_sources/aws_security_hub.yml b/data_sources/aws_security_hub.yml
index ad32432bb8..5d4d52b2e7 100644
--- a/data_sources/aws_security_hub.yml
+++ b/data_sources/aws_security_hub.yml
@@ -9,7 +9,7 @@ sourcetype: aws:securityhub:finding
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - AwsAccountId
diff --git a/data_sources/o365.yml b/data_sources/o365.yml
index 8965438bc8..8102ea7c9f 100644
--- a/data_sources/o365.yml
+++ b/data_sources/o365.yml
@@ -10,4 +10,4 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
diff --git a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
index c17e7e4bd8..89ececa0d0 100644
--- a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
+++ b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
index 992993d3ad..365604ba84 100644
--- a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
+++ b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_mailboxpermission.yml b/data_sources/o365_add_mailboxpermission.yml
index 365500a267..c4869abc7a 100644
--- a/data_sources/o365_add_mailboxpermission.yml
+++ b/data_sources/o365_add_mailboxpermission.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AccessRights
diff --git a/data_sources/o365_add_member_to_role_.yml b/data_sources/o365_add_member_to_role_.yml
index 177c1ba5f8..c2403e0b25 100644
--- a/data_sources/o365_add_member_to_role_.yml
+++ b/data_sources/o365_add_member_to_role_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_owner_to_application_.yml b/data_sources/o365_add_owner_to_application_.yml
index 79a4166a10..fdeccc791b 100644
--- a/data_sources/o365_add_owner_to_application_.yml
+++ b/data_sources/o365_add_owner_to_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_service_principal_.yml b/data_sources/o365_add_service_principal_.yml
index addb76753d..ae338dcc71 100644
--- a/data_sources/o365_add_service_principal_.yml
+++ b/data_sources/o365_add_service_principal_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_change_user_license_.yml b/data_sources/o365_change_user_license_.yml
index 6042232c27..17222c9261 100644
--- a/data_sources/o365_change_user_license_.yml
+++ b/data_sources/o365_change_user_license_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_consent_to_application_.yml b/data_sources/o365_consent_to_application_.yml
index 37a5e65766..4b96c68d96 100644
--- a/data_sources/o365_consent_to_application_.yml
+++ b/data_sources/o365_consent_to_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_disable_strong_authentication_.yml b/data_sources/o365_disable_strong_authentication_.yml
index 9c99438447..53f37fa0ab 100644
--- a/data_sources/o365_disable_strong_authentication_.yml
+++ b/data_sources/o365_disable_strong_authentication_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_mailitemsaccessed.yml b/data_sources/o365_mailitemsaccessed.yml
index 80be9cd987..d2bad265dc 100644
--- a/data_sources/o365_mailitemsaccessed.yml
+++ b/data_sources/o365_mailitemsaccessed.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_modifyfolderpermissions.yml b/data_sources/o365_modifyfolderpermissions.yml
index b1621f16e7..bf6d9f1855 100644
--- a/data_sources/o365_modifyfolderpermissions.yml
+++ b/data_sources/o365_modifyfolderpermissions.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_set_company_information_.yml b/data_sources/o365_set_company_information_.yml
index 3b95185816..d40cca2fcb 100644
--- a/data_sources/o365_set_company_information_.yml
+++ b/data_sources/o365_set_company_information_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_set_mailbox.yml b/data_sources/o365_set_mailbox.yml
index 52bc624f6d..30ebad4b33 100644
--- a/data_sources/o365_set_mailbox.yml
+++ b/data_sources/o365_set_mailbox.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_update_application_.yml b/data_sources/o365_update_application_.yml
index 12481c69f8..f78faf1948 100644
--- a/data_sources/o365_update_application_.yml
+++ b/data_sources/o365_update_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_authorization_policy_.yml b/data_sources/o365_update_authorization_policy_.yml
index 31acfdecd4..b53bce2417 100644
--- a/data_sources/o365_update_authorization_policy_.yml
+++ b/data_sources/o365_update_authorization_policy_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_user_.yml b/data_sources/o365_update_user_.yml
index 7af9a34bd2..5497544e68 100644
--- a/data_sources/o365_update_user_.yml
+++ b/data_sources/o365_update_user_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloggedin.yml b/data_sources/o365_userloggedin.yml
index d85cf5ce7d..540450b496 100644
--- a/data_sources/o365_userloggedin.yml
+++ b/data_sources/o365_userloggedin.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloginfailed.yml b/data_sources/o365_userloginfailed.yml
index 2859aec950..b03d5032ae 100644
--- a/data_sources/o365_userloginfailed.yml
+++ b/data_sources/o365_userloginfailed.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId