updated

Signed-off-by: h4l0gen <[email protected]>
falcosecurity · Mar 25, 2024 · efa83ca · efa83ca
1 parent 08a6c8b
commit efa83ca
Show file tree

Hide file tree

Showing 4 changed files with 446 additions and 445 deletions.
diff --git a/rules/falco-deprecated_rules.yaml b/rules/falco-deprecated_rules.yaml
@@ -111,8 +111,8 @@
     terminal=%proc.tty %container.info)
   priority: NOTICE
   tags: [
-      maturity_deprecated, host, container, network,
-      mitre_latera_movement, T1021.004
+    maturity_deprecated, host, container, network,
+    mitre_latera_movement, T1021.004
   ]
 
 # These rules and supporting macros are more of an example for how to
@@ -157,8 +157,8 @@
 
   priority: NOTICE
   tags: [
-      maturity_deprecated, host, container, network,
-      mitre_command_and_control, TA0011
+    maturity_deprecated, host, container, network,
+    mitre_command_and_control, TA0011
   ]
 # Use this to test whether the event occurred within a container.
 # When displaying container information in the output field, use
@@ -222,8 +222,8 @@
     terminal=%proc.tty %container.info)
   priority: WARNING
   tags: [
-      maturity_deprecated, container, network, mitre_discovery, TA0011,
-      NIST_800-53_CM-7
+    maturity_deprecated, container, network, mitre_discovery, TA0011,
+    NIST_800-53_CM-7
   ]
 
 - list: c2_server_ip_list
@@ -258,6 +258,6 @@
   priority: WARNING
   enabled: false
   tags: [
-      maturity_deprecated, host, container, network,
-      mitre_command_and_control, TA0011
+    maturity_deprecated, host, container, network,
+    mitre_command_and_control, TA0011
   ]