diff --git a/_shared_content/operations_center/integrations/generated/270777d7-0c5a-42fb-b901-b7fadfb0ba48.md b/_shared_content/operations_center/integrations/generated/270777d7-0c5a-42fb-b901-b7fadfb0ba48.md index 1e63fd4785..909fb8c41c 100644 --- a/_shared_content/operations_center/integrations/generated/270777d7-0c5a-42fb-b901-b7fadfb0ba48.md +++ b/_shared_content/operations_center/integrations/generated/270777d7-0c5a-42fb-b901-b7fadfb0ba48.md @@ -470,6 +470,105 @@ Find below few samples of events and how they are normalized by Sekoia.io. ``` +=== "severity.json" + + ```json + + { + "message": "time=12:05:11 devname=\"\"test_devname\"\" devid=\"\"FPX4H00000000\"\" eventtime=1700561112025540398 tz=\"\"+0100\"\" logid=\"\"0419013452\"\" type=\"\"utm\"\" subtype=\"\"ips\"\" eventtype=\"\"signature\"\" level=\"\"alert\"\" vd=\"\"root\"\" severity=\"\"medium\"\" srcip=1.2.3.4 srccountry=\"\"Reserved\"\" dstip=1.2.3.4 dstcountry=\"\"France\"\" srcintf=\"\"port_test\"\" srcintfrole=\"\"undefined\"\" dstintf=\"\"port_test\"\" dstintfrole=\"\"undefined\"\" sessionid=123412341234 action=\"\"dropped\"\" proto=6 service=\"\"HTTPS\"\" policyid=13 poluuid=\"\"721c4202-0000-51ed-225e-00000000\"\" policytype=\"\"policy\"\" attack=\"\"attack_test\"\" srcport=51234 dstport=123 hostname=\"\"test.net\"\" url=\"\"test.js\"\" direction=\"\"incoming\"\" attackid=43212 profile=\"\"test-client\"\" ref=\"\"http://www.test.com/id\"\" user=\"\"00001111\"\" group=\"\"test_group\"\" incidentserialno=12341234 msg=\"\"msg_test\"\" crscore=10 craction=12121 crlevel=\"\"medium\"\"", + "event": { + "category": "ips", + "kind": "utm", + "start": "2023-11-21T10:05:12Z" + }, + "action": { + "name": "dropped", + "type": "signature" + }, + "destination": { + "address": "test.net", + "domain": "test.net", + "geo": { + "country_name": "France" + }, + "ip": "1.2.3.4", + "port": 123, + "registered_domain": "test.net", + "top_level_domain": "net" + }, + "fortinet": { + "devid": "FPX4H00000000", + "dstintfrole": "undefined", + "group": "test_group", + "level": "alert", + "logid": "0419013452", + "msg": "msg_test", + "policyid": "13", + "policytype": "policy", + "poluuid": "721c4202-0000-51ed-225e-00000000", + "profile": "test-client", + "proto": "6", + "sessionid": "123412341234", + "severity": "medium", + "srcintfrole": "undefined", + "vd": "root" + }, + "network": { + "protocol": "tcp" + }, + "observer": { + "egress": { + "interface": { + "name": "port_test" + } + }, + "hostname": "test_devname", + "ingress": { + "interface": { + "name": "port_test" + } + }, + "product": "FortiProxy", + "type": "proxy", + "vendor": "Fortinet" + }, + "related": { + "hosts": [ + "test.net", + "test_devname" + ], + "ip": [ + "1.2.3.4" + ], + "user": [ + "00001111" + ] + }, + "service": { + "name": "https" + }, + "source": { + "address": "1.2.3.4", + "geo": { + "country_name": "Reserved" + }, + "ip": "1.2.3.4", + "port": 51234 + }, + "url": { + "domain": "test.net", + "full": "test.nettest.js", + "original": "test.js", + "path": "test.js" + }, + "user": { + "name": "00001111" + } + } + + ``` + + === "traffic-http-transaction.json" ```json