Skip to content

Commit

Permalink
dcerpc: check for app-layer metadata in alert
Browse files Browse the repository at this point in the history 
Ticket: 6090
  • Loading branch information
@catenacyber @victorjulien
catenacyber authored and victorjulien committed Jun 22, 2024
1 parent 5231687 commit ee526ed
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions tests/dcerpc/dcerpc-dce-opnum/test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,13 @@ checks:
match:
event_type: alert
alert.signature_id: 1
- filter:
min-version: 8
count: 1
match:
event_type: alert
alert.signature_id: 1
dcerpc.req.opnum: 4
- filter:
count: 2
match:
Expand Down

0 comments on commit ee526ed

Please sign in to comment.