search

splunk / splunk-add-on-microsoft-azure

Splunk Add-on for Microsoft Azure
Apache License 2.0
11 stars 9 forks source link

azure_vuln eventtype search is broken #19

Closed ashurack closed 1 year ago

ashurack commented 2 years ago

Typo in the azure_vuln stanza. Should be brought into one line.

Invalid key in stanza [azure_vuln] in /opt/splunk/etc/apps/TA-MS-AAD/default/eventtypes.conf, line 40: properties.additionalData.cve{}.title (value: *)).

https://github.com/splunk/splunk-add-on-microsoft-azure/blob/4.0.2/package/default/eventtypes.conf#L38-L40

JasonConger commented 1 year ago

Addressed in 4.0.3