Skip to content

Commit

Permalink
rename new rule files to avoid name collisions
Browse files Browse the repository at this point in the history
  • Loading branch information
@ben-githubs
ben-githubs committed Nov 4, 2024
1 parent ed1ee3c commit b783946
Show file tree
Hide file tree
Showing 25 changed files with 13 additions and 13 deletions.
2 changes: 1 addition & 1 deletion correlation_rules/snowflake_potential_brute_force_success.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ Description: Detecting brute force activity and reporting when a user has incorr
Detection:
- Sequence:
- ID: Multiple Failed Logins
RuleID: Snowflake.Stream.BruteForceByIP
RuleID: Snowflake.Stream.BruteForceByIp
MinMatchCount: 5
- ID: Successful Login
RuleID: Snowflake.Stream.LoginSuccess
Expand Down
0 ...rules/snowflake_account_admin_assigned.py → ...nowflake_stream_account_admin_assigned.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...ules/snowflake_account_admin_assigned.yml → ...owflake_stream_account_admin_assigned.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_account_admin_assigned.py
Filename: snowflake_stream_account_admin_assigned.py
RuleID: "Snowflake.Stream.AccountAdminGranted"
DisplayName: Snowflake Account Admin Granted
Enabled: true
Expand Down
0 ...lake_rules/snowflake_brute_force_by_ip.py → ...les/snowflake_stream_brute_force_by_ip.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...ake_rules/snowflake_brute_force_by_ip.yml → ...es/snowflake_stream_brute_force_by_ip.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_brute_force_by_ip.py
Filename: snowflake_stream_brute_force_by_ip.py
RuleID: "Snowflake.Stream.BruteForceByIp"
DisplayName: Snowflake Brute Force Attacks by IP
Enabled: true
Expand Down
0 ...ules/snowflake_brute_force_by_username.py → ...owflake_stream_brute_force_by_username.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...les/snowflake_brute_force_by_username.yml → ...wflake_stream_brute_force_by_username.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_brute_force_by_username.py
Filename: snowflake_stream_brute_force_by_username.py
RuleID: "Snowflake.Stream.BruteForceByUsername"
DisplayName: Snowflake Brute Force Attacks by User
Enabled: true
Expand Down
0 ...wflake_rules/snowflake_external_shares.py → ...rules/snowflake_stream_external_shares.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...flake_rules/snowflake_external_shares.yml → ...ules/snowflake_stream_external_shares.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_external_shares.py
Filename: snowflake_stream_external_shares.py
RuleID: Snowflake.Stream.ExternalShares
DisplayName: Snowflake External Data Share
Enabled: true
Expand Down
0 ...wflake_rules/snowflake_file_downloaded.py → ...rules/snowflake_stream_file_downloaded.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...flake_rules/snowflake_file_downloaded.yml → ...ules/snowflake_stream_file_downloaded.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_file_downloaded.py
Filename: snowflake_stream_file_downloaded.py
RuleID: Snowflake.Stream.FileDownloaded
DisplayName: Snowflake File Downloaded
Enabled: true
Expand Down
0 ...nowflake_rules/snowflake_login_success.py → ...e_rules/snowflake_stream_login_success.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...owflake_rules/snowflake_login_success.yml → ..._rules/snowflake_stream_login_success.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_login_success.py
Filename: snowflake_stream_login_success.py
RuleID: Snowflake.Stream.LoginSuccess
DisplayName: Snowflake Successful Login
Enabled: true
Expand Down
0 ...lake_rules/snowflake_login_without_mfa.py → ...les/snowflake_stream_login_without_mfa.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...ake_rules/snowflake_login_without_mfa.yml → ...es/snowflake_stream_login_without_mfa.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_login_without_mfa.py
Filename: snowflake_stream_login_without_mfa.py
RuleID: Snowflake.Stream.LoginWithoutMFA
DisplayName: Snowflake Login Without MFA
Enabled: false
Expand Down
0 ...lake_rules/snowflake_public_role_grant.py → ...les/snowflake_stream_public_role_grant.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...ake_rules/snowflake_public_role_grant.yml → ...es/snowflake_stream_public_role_grant.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_public_role_grant.py
Filename: snowflake_stream_public_role_grant.py
RuleID: Snowflake.Stream.PublicRoleGrant
DisplayName: Snowflake Grant to Public Role
Enabled: true
Expand Down
0 ...ules/snowflake_table_copied_into_stage.py → ...owflake_stream_table_copied_into_stage.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...les/snowflake_table_copied_into_stage.yml → ...wflake_stream_table_copied_into_stage.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_table_copied_into_stage.py
Filename: snowflake_stream_table_copied_into_stage.py
RuleID: Snowflake.Stream.TableCopiedIntoStage
DisplayName: Snowflake Table Copied Into Stage
Enabled: true
Expand Down
0 ...ake_rules/snowflake_temp_stage_created.py → ...es/snowflake_stream_temp_stage_created.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...ke_rules/snowflake_temp_stage_created.yml → ...s/snowflake_stream_temp_stage_created.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_temp_stage_created.py
Filename: snowflake_stream_temp_stage_created.py
RuleID: Snowflake.Stream.TempStageCreated
DisplayName: Snowflake Temporary Stage Created
Enabled: true
Expand Down
0 ...snowflake_rules/snowflake_user_created.py → ...ke_rules/snowflake_stream_user_created.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...nowflake_rules/snowflake_user_created.yml → ...e_rules/snowflake_stream_user_created.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_user_created.py
Filename: snowflake_stream_user_created.py
RuleID: Snowflake.Stream.UserCreated
DisplayName: Snowflake User Created
Enabled: false
Expand Down
0 ...snowflake_rules/snowflake_user_enabled.py → ...ke_rules/snowflake_stream_user_enabled.py
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion ...nowflake_rules/snowflake_user_enabled.yml → ...e_rules/snowflake_stream_user_enabled.yml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
AnalysisType: rule
Filename: snowflake_user_enabled.py
Filename: snowflake_stream_user_enabled.py
RuleID: Snowflake.Stream.UserEnabled
DisplayName: Snowflake User Enabled
Enabled: true
Expand Down

0 comments on commit b783946

Please sign in to comment.