Skip to content

Commit

Permalink
Fix Tailscale.Network selectors to be able to reach attribute of the …
Browse files Browse the repository at this point in the history 
…object in array
  • Loading branch information
@akozlovets098
akozlovets098 committed Dec 6, 2023
1 parent 3c56446 commit 0e89675
Show file tree
Hide file tree
Showing 11 changed files with 88 additions and 88 deletions.
16 changes: 8 additions & 8 deletions lookup_tables/greynoise/advanced/noise_advanced.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/greynoise/advanced/riot_advanced.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/greynoise/basic/noise_basic.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/greynoise/basic/riot_basic.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_asn.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_asn_datalake.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_location.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_location_datalake.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_privacy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/ipinfo/ipinfo_privacy_datalake.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down
16 changes: 8 additions & 8 deletions lookup_tables/tor/tor_exit_nodes.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -424,14 +424,14 @@ LogTypeMap:
- "$.content.userOriginIP"
- LogType: Tailscale.Network
Selectors:
- "$.event.virtualTraffic.srcIp"
- "$.event.virtualTraffic.dstIp"
- "$.event.subnetTraffic.srcIp"
- "$.event.subnetTraffic.dstIp"
- "$.event.exitTraffic.srcIp"
- "$.event.exitTraffic.dstIp"
- "$.event.physicalTraffic.srcIp"
- "$.event.physicalTraffic.dstIp"
- "$.event.virtualTraffic[].srcIp"
- "$.event.virtualTraffic[].dstIp"
- "$.event.subnetTraffic[].srcIp"
- "$.event.subnetTraffic[].dstIp"
- "$.event.exitTraffic[].srcIp"
- "$.event.exitTraffic[].dstIp"
- "$.event.physicalTraffic[].srcIp"
- "$.event.physicalTraffic[].dstIp"
- LogType: Tines.Audit
Selectors:
- "request_ip"
Expand Down

0 comments on commit 0e89675

Please sign in to comment.