From edd6f6b51207caf5f5a958f1cc9e11ce1b565734 Mon Sep 17 00:00:00 2001 From: Kostas Papageorgiou Date: Thu, 14 Dec 2023 15:01:32 +0200 Subject: [PATCH] Remove tailscale selectors --- lookup_tables/greynoise/advanced/noise_advanced.yml | 10 ---------- lookup_tables/greynoise/advanced/riot_advanced.yml | 10 ---------- lookup_tables/greynoise/basic/noise_basic.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_asn.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_asn_datalake.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_location.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_location_datalake.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_privacy.yml | 10 ---------- lookup_tables/ipinfo/ipinfo_privacy_datalake.yml | 10 ---------- lookup_tables/tor/tor_exit_nodes.yml | 10 ---------- 10 files changed, 100 deletions(-) diff --git a/lookup_tables/greynoise/advanced/noise_advanced.yml b/lookup_tables/greynoise/advanced/noise_advanced.yml index a09f5d3c3..11b978f8d 100644 --- a/lookup_tables/greynoise/advanced/noise_advanced.yml +++ b/lookup_tables/greynoise/advanced/noise_advanced.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/greynoise/advanced/riot_advanced.yml b/lookup_tables/greynoise/advanced/riot_advanced.yml index ae82a0797..6348c01c1 100644 --- a/lookup_tables/greynoise/advanced/riot_advanced.yml +++ b/lookup_tables/greynoise/advanced/riot_advanced.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/greynoise/basic/noise_basic.yml b/lookup_tables/greynoise/basic/noise_basic.yml index dcb235596..9be4bd1c3 100644 --- a/lookup_tables/greynoise/basic/noise_basic.yml +++ b/lookup_tables/greynoise/basic/noise_basic.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_asn.yml b/lookup_tables/ipinfo/ipinfo_asn.yml index a9f7602d7..5aee66a28 100644 --- a/lookup_tables/ipinfo/ipinfo_asn.yml +++ b/lookup_tables/ipinfo/ipinfo_asn.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_asn_datalake.yml b/lookup_tables/ipinfo/ipinfo_asn_datalake.yml index de1b02e2f..ee6b613af 100644 --- a/lookup_tables/ipinfo/ipinfo_asn_datalake.yml +++ b/lookup_tables/ipinfo/ipinfo_asn_datalake.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_location.yml b/lookup_tables/ipinfo/ipinfo_location.yml index 9aff65042..c49741798 100644 --- a/lookup_tables/ipinfo/ipinfo_location.yml +++ b/lookup_tables/ipinfo/ipinfo_location.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_location_datalake.yml b/lookup_tables/ipinfo/ipinfo_location_datalake.yml index da657eeb9..9f22a415f 100644 --- a/lookup_tables/ipinfo/ipinfo_location_datalake.yml +++ b/lookup_tables/ipinfo/ipinfo_location_datalake.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_privacy.yml b/lookup_tables/ipinfo/ipinfo_privacy.yml index da7781172..375ebf5a3 100644 --- a/lookup_tables/ipinfo/ipinfo_privacy.yml +++ b/lookup_tables/ipinfo/ipinfo_privacy.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/ipinfo/ipinfo_privacy_datalake.yml b/lookup_tables/ipinfo/ipinfo_privacy_datalake.yml index 5e4b45faa..2715aaa6c 100644 --- a/lookup_tables/ipinfo/ipinfo_privacy_datalake.yml +++ b/lookup_tables/ipinfo/ipinfo_privacy_datalake.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip" diff --git a/lookup_tables/tor/tor_exit_nodes.yml b/lookup_tables/tor/tor_exit_nodes.yml index 9e1011174..103ff3392 100644 --- a/lookup_tables/tor/tor_exit_nodes.yml +++ b/lookup_tables/tor/tor_exit_nodes.yml @@ -422,16 +422,6 @@ LogTypeMap: - LogType: Sysdig.Audit Selectors: - "$.content.userOriginIP" - - LogType: Tailscale.Network - Selectors: - - "$.event.virtualTraffic[].srcIp" - - "$.event.virtualTraffic[].dstIp" - - "$.event.subnetTraffic[].srcIp" - - "$.event.subnetTraffic[].dstIp" - - "$.event.exitTraffic[].srcIp" - - "$.event.exitTraffic[].dstIp" - - "$.event.physicalTraffic[].srcIp" - - "$.event.physicalTraffic[].dstIp" - LogType: Tines.Audit Selectors: - "request_ip"