tum
4a7a140247
sample logs
|
5 天之前 | |
|---|---|---|
| .. | ||
| README.md | 1 周之前 | |
| appendix-a-production-samples.log | 5 天之前 | |
| appendix-b-production-samples.log | 5 天之前 | |
| appendix-c-production-samples.log | 5 天之前 | |
README.md
SOC Production Sample Logs
These files provide realistic sample events aligned with current production-focused Wazuh rules (110xxx):
appendix-a-production-samples.logappendix-b-production-samples.logappendix-c-production-samples.log
Notes:
- FortiGate and VMware lines are raw/syslog-style key-value examples.
- Windows samples are in compact JSON using Wazuh-decoded field names (
win.system.eventID,win.eventdata.*) so rule intent is explicit. - SOC Integrator correlation examples use
soc_event=...payloads consumed by custom decoders (soc-prod-dns,soc-prod-integrator).
These are reference samples for testing and documentation, not exact byte-for-byte exports from a single environment.