@name opensearch-3.4.0
@version 15
@comment pkgpath=textproc/opensearch ftp=yes
@arch amd64
+DESC
@sha 4VMOLO7Tb3OoysJqEDhiDwzzY//K0lRbftLZL3CLUJI=
@size 276
@depend devel/jdk/21:jdk->=21v0,<22v0:jdk-21.0.9.10.1p1v0
@depend java/javaPathHelper:javaPathHelper-*:javaPathHelper-2.4
@depend java/jna:jna-*:jna-5.11.0p3
@depend shells/bash:bash-*:bash-5.3.9
@newgroup _opensearch:881
@newuser _opensearch:881:_opensearch::OpenSearch User:/nonexistent:/sbin/nologin
@cwd /usr/local
@unexec rm -f /etc/opensearch/opensearch-security-analytics
@extraunexec rm -rf /etc/opensearch/opensearch.keystore
@extraunexec rm -rf /var/opensearch/*
@extraunexec rm -rf /var/log/opensearch/*
@rcscript /etc/rc.d/opensearch
@sha y/VhkrtEtsYfnUs/WrbxTRUx1EAUh2Yqi3WPsxQpyzU=
@size 343
@ts 1768594068
opensearch/
opensearch/agent/
opensearch/agent/byte-buddy-1.17.7.jar
@sha NXXcuKmPr5Q9PBWVxHoWBHxPzoqD67smJi8aL2dUY1c=
@size 9015334
@ts 1768594063
opensearch/agent/opensearch-agent-bootstrap-3.4.0.jar
@sha iD/XEWFo/MdB85FyPAG7ARUrSrHz7O3+qRZNZenKuZ4=
@size 11170
@ts 1768594063
opensearch/agent/opensearch-agent.jar
@sha dwZUIBggYs6F7OBNvOk3PGGVJ74WzcK6UaO8XSntPhw=
@size 21479
@ts 1768594063
opensearch/bin/
opensearch/bin/opensearch
@sha AmcXIi1nUCGoloW1+zzTG7FXNNlVxnxUbuULHpp62Os=
@size 3117
@ts 1768594063
opensearch/bin/opensearch-cli
@sha pteyE5/A+Wx3oQeQlfZ7zGWYe996tCPVZKsxcklUzII=
@size 1090
@ts 1768594063
opensearch/bin/opensearch-env
@sha n96hkjm+hxRWoCPo5/EQElXHdAMzog8vRma7WJBYNXY=
@size 6091
@ts 1768594063
opensearch/bin/opensearch-env-from-file
@sha Sta9enURE85S79BYlXY9sha9GLhM++WIV+ZoXC5COaI=
@size 1838
@ts 1768594063
opensearch/bin/opensearch-fips-demo-installer
@sha /Ch8KIm3p8BjBspPVykrXqClypTLkfvv1sepTjU0v/o=
@size 253
@ts 1768594063
opensearch/bin/opensearch-keystore
@sha OVBswmipMKwanFlkEIBTwfSibdyphpCi7hP34++l1ec=
@size 225
@ts 1768594063
opensearch/bin/opensearch-node
@sha 8vKlzDjZ5A4UEdxBjYjuHSk+VEGRrCNT6Yiyk24IHEo=
@size 155
@ts 1768594063
opensearch/bin/opensearch-performance-analyzer/
opensearch/bin/opensearch-performance-analyzer/performance-analyzer-agent-cli
@sha Kdw3uLI26nWdgl6luoQMkZ3HWNK/fS5dCiBSEK8JWJc=
@size 1048
@ts 1768594063
opensearch/bin/opensearch-plugin
@sha VAprZbqGOWKndB5RKuIVgblFzYZBRwskgrVzS/yeZ74=
@size 219
@ts 1768594063
opensearch/bin/opensearch-shard
@sha OZgWJavmwZkJE2dV/lXJ42BQ507+5P7NqFYjm4VLyl4=
@size 148
@ts 1768594063
opensearch/lib/
opensearch/lib/HdrHistogram-2.2.2.jar
@sha ItHUMWxOwTpotVnpjIJW1pBxWTcx2pYTZkD4ZPoU+tg=
@size 177206
@ts 1768594063
opensearch/lib/RoaringBitmap-1.3.0.jar
@sha c0Q6caLiQBx9UYpIeYNTn8r1+WUu+9F4+SnnttNogdA=
@size 459295
@ts 1768594063
opensearch/lib/jackson-core-2.18.2.jar
@sha 2AVK58DRwtL1XSjkYCbr5YkogfP6tfQ5IzGEOBw7Sh8=
@size 597807
@ts 1768594063
opensearch/lib/jackson-dataformat-cbor-2.18.2.jar
@sha harRthEfX00do2A5WNr5skXG9kNcaR6iu2+rGu8zChc=
@size 70624
@ts 1768594063
opensearch/lib/jackson-dataformat-smile-2.18.2.jar
@sha 79AatREAJh63YwJ3REkQdjStKHjyxEykF6MwAlLgYUo=
@size 96869
@ts 1768594063
opensearch/lib/jackson-dataformat-yaml-2.18.2.jar
@sha OBocBxHku4hWGmwACLWpRUZWKMoHdkzNZqDZfuB61hI=
@size 55580
@ts 1768594063
opensearch/lib/jakarta.annotation-api-1.3.5.jar
@sha hfsD/AVM3078qO/ZtnEru0GOGrmCQcRTnIWFu8I+G4o=
@size 25058
@ts 1768594063
opensearch/lib/java-version-checker-3.4.0.jar
@sha Pv4JlFwl0gf7vFmtS02KbGDrKsHMdp7L2wWq7Y3BM3s=
@size 7407
@ts 1768594063
opensearch/lib/joda-time-2.12.7.jar
@sha OFKCsAWBjPrM2+i9JCmBHn5kF4LyuIkyprj/UdZo9hY=
@size 638434
@ts 1768594063
opensearch/lib/jopt-simple-5.0.4.jar
@sha 3ybMWPI19HfbB/dTulo6skPr5Xidn4ns9o3WLqmmbCg=
@size 78146
@ts 1768594063
opensearch/lib/jts-core-1.15.0.jar
@sha ABAs3ibEV7gfuwJI5PiEWIQkPKug3Jt/tC4OqHc4O8E=
@size 797736
@ts 1768594063
opensearch/lib/jzlib-1.1.3.jar
@sha ibE2D0Bzgb9h/eQRAZ2MvQCeuxDP9xXzZpAXoDECdWA=
@size 71976
@ts 1768594063
opensearch/lib/log4j-api-2.21.0.jar
@sha tH6ImA3dRbGt4orIrYIoreyeTnErCUINQgUPR68IBSU=
@size 317471
@ts 1768594063
opensearch/lib/log4j-core-2.21.0.jar
@sha 0Pd87N3CaRab70CHPlOpYQujjKHEoc/zLzBrOn6op+o=
@size 1895888
@ts 1768594063
opensearch/lib/log4j-jul-2.21.0.jar
@sha 2IBWCPksCsRorntGkYJBU5CrbEFNkRauSGVGFZXs29w=
@size 30886
@ts 1768594063
opensearch/lib/lucene-analysis-common-10.3.2.jar
@sha FAPg3yA6kDdigBW82cpGz6iZQwvfuTk3TM7MNM3N9Gs=
@size 1748343
@ts 1768594063
opensearch/lib/lucene-backward-codecs-10.3.2.jar
@sha 6H1ksNpLvhoYtW++aXqM9uaVsrcdpW5hGZv8l3gWOc0=
@size 836474
@ts 1768594063
opensearch/lib/lucene-core-10.3.2.jar
@sha yDWjzCfNVywsjZN3HFOt/pe8EeGrzDU7h6XSkPigGgg=
@size 4561849
@ts 1768594063
opensearch/lib/lucene-grouping-10.3.2.jar
@sha 6XrhfcETiCsrUBmgLPC3SPlGWsD1Y2vid91CayGBesA=
@size 96703
@ts 1768594063
opensearch/lib/lucene-highlighter-10.3.2.jar
@sha 2cQ1TowJtGXl+eEbEF+ZvSdIHw2G7F4j4dMhS7KkPAk=
@size 280110
@ts 1768594063
opensearch/lib/lucene-join-10.3.2.jar
@sha 8tTeH883+dudIFIXfpt3YNDsr0OFyY7pIEaFB5/y1C0=
@size 179487
@ts 1768594063
opensearch/lib/lucene-memory-10.3.2.jar
@sha Z9BTRXkdAS4dchiXM6dsl4hwKzVRBk4eqs5nU6olW6g=
@size 65098
@ts 1768594063
opensearch/lib/lucene-misc-10.3.2.jar
@sha DRTFbGGAPe6/TVnB+SdBmlC/WTCwkhWR14KZu+ikgr8=
@size 136674
@ts 1768594063
opensearch/lib/lucene-queries-10.3.2.jar
@sha RfmJTSqj0UOnmpgPqUHXL3M7Tr1L5mwLGnnUKOag21c=
@size 521566
@ts 1768594063
opensearch/lib/lucene-queryparser-10.3.2.jar
@sha drlQ7T09TTlFYYoL5238XZ7pDiT483SK4Hdcjb3z1rg=
@size 425520
@ts 1768594063
opensearch/lib/lucene-sandbox-10.3.2.jar
@sha ZwtxPSCWFemSBsQZ0Zu1pTMCXWf8tuQOJgBrKgnmIFE=
@size 375246
@ts 1768594063
opensearch/lib/lucene-spatial-extras-10.3.2.jar
@sha GX3W0xSxF4+rnKsl2XR6400+y7tGL0S5XnN6XRcb5c4=
@size 243594
@ts 1768594063
opensearch/lib/lucene-spatial3d-10.3.2.jar
@sha n0zeKmcRIlFxVtgZV5P7cgauCUClWmCtF/tmAnljcdk=
@size 329838
@ts 1768594063
opensearch/lib/lucene-suggest-10.3.2.jar
@sha K+DOb73s5O3xZuNGxuvmz9NijEPFgE1UvxeSee/efJQ=
@size 243665
@ts 1768594063
opensearch/lib/opensearch-3.4.0.jar
@sha 4X4L5b2hayubFNVETfeBab1wrTsggWPz8AeyROrb+FY=
@size 16974162
@ts 1768594063
opensearch/lib/opensearch-agent-policy-3.4.0.jar
@sha 9qCLlVFNzJ5b1QbrQ98u49Yiu0NdHVb1GoSBKxDg8CY=
@size 28272
@ts 1768594063
opensearch/lib/opensearch-cli-3.4.0.jar
@sha CAT3GPnJHhEM5+ea5iN2hn/9eE3n2R5p6OhKSPyYyGA=
@size 18419
@ts 1768594063
opensearch/lib/opensearch-common-3.4.0.jar
@sha bRoNNp2uLaihNci2m4zX7KW6007QYho42pbmd7+UuOQ=
@size 152794
@ts 1768594063
opensearch/lib/opensearch-compress-3.4.0.jar
@sha 6IkyLWagrEGtmzi4H6fAPoe/+vd/Js/tccAjSWNoFDU=
@size 8234
@ts 1768594063
opensearch/lib/opensearch-core-3.4.0.jar
@sha xi+18S06LvchhzKhnUi5lcYB1q/MZ9vYzt41BStLdjs=
@size 368871
@ts 1768594063
opensearch/lib/opensearch-geo-3.4.0.jar
@sha REwufMMZB+hIaAIJZ9nxCRFr6jZkYwAPYrTUAkcU7J0=
@size 47072
@ts 1768594063
opensearch/lib/opensearch-launchers-3.4.0.jar
@sha LcBhopG4yD+e/cVRj0IOHWV3yVTlJhENGEfebNQsfsA=
@size 21018
@ts 1768594063
opensearch/lib/opensearch-plugin-classloader-3.4.0.jar
@sha Ha0/wZyX26CJSIp01Gev/7u9HS7H24JryfuQDZyiuF0=
@size 6811
@ts 1768594063
opensearch/lib/opensearch-secure-sm-3.4.0.jar
@sha a7NSUAEVXN+cW28hpd337OR50Qf1qDlHR37MXiAMyc8=
@size 6815
@ts 1768594063
opensearch/lib/opensearch-task-commons-3.4.0.jar
@sha yXR+FICyxTtIo5US1/Khkw7s9jUcLN95kZOAGuRdu1c=
@size 14667
@ts 1768594063
opensearch/lib/opensearch-telemetry-3.4.0.jar
@sha axK5r7MrV7ai6e9UWgt9LmEGTC4MtPkFdPrtIz259HI=
@size 32666
@ts 1768594063
opensearch/lib/opensearch-x-content-3.4.0.jar
@sha TKNIl7pOvcMgc5OHWs93mHAOyVl7O7qS2/wEp4zaMC0=
@size 41306
@ts 1768594063
opensearch/lib/protobuf-java-3.25.8.jar
@sha cr2zLrOMr7fc0ogmLCmjTVfLouGRAa+WhRVbqMClYAg=
@size 1876626
@ts 1768594063
opensearch/lib/reactive-streams-1.0.4.jar
@sha 91yll3ibPaxY9hhXuawuEDSmj6Zy2zUFWo+0UJ4yXyg=
@size 11640
@ts 1768594063
opensearch/lib/reactor-core-3.8.0.jar
@sha 0ZX7qv8l+9XqSC9yGoMsHLRB6MPl5y74MB9VmtxvPxQ=
@size 1937020
@ts 1768594063
opensearch/lib/snakeyaml-2.1.jar
@sha aaRTcEXdvK7Uxo7vB0Ri6xLTJNeVP2LF7NNd9kXorsk=
@size 334189
@ts 1768594063
opensearch/lib/spatial4j-0.7.jar
@sha mtzLHYf34L5wVnuVLGVVJgfi3L3jKhV5qKY5vc+ho8g=
@size 204833
@ts 1768594063
opensearch/lib/t-digest-3.3.jar
@sha 3IvlIo4HM+EvvjXu/7b3IN/1drsutd7mnBwhGtzXrrk=
@size 81626
@ts 1768594063
opensearch/lib/tools/
opensearch/lib/tools/fips-demo-installer-cli/
opensearch/lib/tools/fips-demo-installer-cli/HdrHistogram-2.2.2.jar
@sha ItHUMWxOwTpotVnpjIJW1pBxWTcx2pYTZkD4ZPoU+tg=
@size 177206
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/RoaringBitmap-1.3.0.jar
@sha c0Q6caLiQBx9UYpIeYNTn8r1+WUu+9F4+SnnttNogdA=
@size 459295
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/fips-demo-installer-cli-3.4.0.jar
@sha CqKp1M2UQsOzu4n0D07w+m9Qa8RNIkPqFPCEjUfy3q0=
@size 37363
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jackson-core-2.18.2.jar
@sha 2AVK58DRwtL1XSjkYCbr5YkogfP6tfQ5IzGEOBw7Sh8=
@size 597807
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jackson-dataformat-cbor-2.18.2.jar
@sha harRthEfX00do2A5WNr5skXG9kNcaR6iu2+rGu8zChc=
@size 70624
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jackson-dataformat-smile-2.18.2.jar
@sha 79AatREAJh63YwJ3REkQdjStKHjyxEykF6MwAlLgYUo=
@size 96869
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jackson-dataformat-yaml-2.18.2.jar
@sha OBocBxHku4hWGmwACLWpRUZWKMoHdkzNZqDZfuB61hI=
@size 55580
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jakarta.annotation-api-1.3.5.jar
@sha hfsD/AVM3078qO/ZtnEru0GOGrmCQcRTnIWFu8I+G4o=
@size 25058
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/java-version-checker-3.4.0.jar
@sha Pv4JlFwl0gf7vFmtS02KbGDrKsHMdp7L2wWq7Y3BM3s=
@size 7407
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jna-5.16.0.jar
@sha P1IzWJp5nrZtwpaa+jQz+1aFnT14fFi5vH3Z6G8KJQw=
@size 2003058
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/joda-time-2.12.7.jar
@sha OFKCsAWBjPrM2+i9JCmBHn5kF4LyuIkyprj/UdZo9hY=
@size 638434
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jopt-simple-5.0.4.jar
@sha 3ybMWPI19HfbB/dTulo6skPr5Xidn4ns9o3WLqmmbCg=
@size 78146
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jts-core-1.15.0.jar
@sha ABAs3ibEV7gfuwJI5PiEWIQkPKug3Jt/tC4OqHc4O8E=
@size 797736
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/jzlib-1.1.3.jar
@sha ibE2D0Bzgb9h/eQRAZ2MvQCeuxDP9xXzZpAXoDECdWA=
@size 71976
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/log4j-api-2.21.0.jar
@sha tH6ImA3dRbGt4orIrYIoreyeTnErCUINQgUPR68IBSU=
@size 317471
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/log4j-core-2.21.0.jar
@sha 0Pd87N3CaRab70CHPlOpYQujjKHEoc/zLzBrOn6op+o=
@size 1895888
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/log4j-jul-2.21.0.jar
@sha 2IBWCPksCsRorntGkYJBU5CrbEFNkRauSGVGFZXs29w=
@size 30886
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-analysis-common-10.3.2.jar
@sha FAPg3yA6kDdigBW82cpGz6iZQwvfuTk3TM7MNM3N9Gs=
@size 1748343
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-backward-codecs-10.3.2.jar
@sha 6H1ksNpLvhoYtW++aXqM9uaVsrcdpW5hGZv8l3gWOc0=
@size 836474
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-core-10.3.2.jar
@sha yDWjzCfNVywsjZN3HFOt/pe8EeGrzDU7h6XSkPigGgg=
@size 4561849
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-grouping-10.3.2.jar
@sha 6XrhfcETiCsrUBmgLPC3SPlGWsD1Y2vid91CayGBesA=
@size 96703
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-highlighter-10.3.2.jar
@sha 2cQ1TowJtGXl+eEbEF+ZvSdIHw2G7F4j4dMhS7KkPAk=
@size 280110
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-join-10.3.2.jar
@sha 8tTeH883+dudIFIXfpt3YNDsr0OFyY7pIEaFB5/y1C0=
@size 179487
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-memory-10.3.2.jar
@sha Z9BTRXkdAS4dchiXM6dsl4hwKzVRBk4eqs5nU6olW6g=
@size 65098
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-misc-10.3.2.jar
@sha DRTFbGGAPe6/TVnB+SdBmlC/WTCwkhWR14KZu+ikgr8=
@size 136674
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-queries-10.3.2.jar
@sha RfmJTSqj0UOnmpgPqUHXL3M7Tr1L5mwLGnnUKOag21c=
@size 521566
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-queryparser-10.3.2.jar
@sha drlQ7T09TTlFYYoL5238XZ7pDiT483SK4Hdcjb3z1rg=
@size 425520
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-sandbox-10.3.2.jar
@sha ZwtxPSCWFemSBsQZ0Zu1pTMCXWf8tuQOJgBrKgnmIFE=
@size 375246
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-spatial-extras-10.3.2.jar
@sha GX3W0xSxF4+rnKsl2XR6400+y7tGL0S5XnN6XRcb5c4=
@size 243594
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-spatial3d-10.3.2.jar
@sha n0zeKmcRIlFxVtgZV5P7cgauCUClWmCtF/tmAnljcdk=
@size 329838
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/lucene-suggest-10.3.2.jar
@sha K+DOb73s5O3xZuNGxuvmz9NijEPFgE1UvxeSee/efJQ=
@size 243665
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-3.4.0.jar
@sha 4X4L5b2hayubFNVETfeBab1wrTsggWPz8AeyROrb+FY=
@size 16974162
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-agent-policy-3.4.0.jar
@sha 9qCLlVFNzJ5b1QbrQ98u49Yiu0NdHVb1GoSBKxDg8CY=
@size 28272
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-cli-3.4.0.jar
@sha CAT3GPnJHhEM5+ea5iN2hn/9eE3n2R5p6OhKSPyYyGA=
@size 18419
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-common-3.4.0.jar
@sha bRoNNp2uLaihNci2m4zX7KW6007QYho42pbmd7+UuOQ=
@size 152794
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-compress-3.4.0.jar
@sha 6IkyLWagrEGtmzi4H6fAPoe/+vd/Js/tccAjSWNoFDU=
@size 8234
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-core-3.4.0.jar
@sha xi+18S06LvchhzKhnUi5lcYB1q/MZ9vYzt41BStLdjs=
@size 368871
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-geo-3.4.0.jar
@sha REwufMMZB+hIaAIJZ9nxCRFr6jZkYwAPYrTUAkcU7J0=
@size 47072
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-secure-sm-3.4.0.jar
@sha a7NSUAEVXN+cW28hpd337OR50Qf1qDlHR37MXiAMyc8=
@size 6815
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-task-commons-3.4.0.jar
@sha yXR+FICyxTtIo5US1/Khkw7s9jUcLN95kZOAGuRdu1c=
@size 14667
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-telemetry-3.4.0.jar
@sha axK5r7MrV7ai6e9UWgt9LmEGTC4MtPkFdPrtIz259HI=
@size 32666
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/opensearch-x-content-3.4.0.jar
@sha TKNIl7pOvcMgc5OHWs93mHAOyVl7O7qS2/wEp4zaMC0=
@size 41306
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/picocli-4.7.7.jar
@sha +G4w//0Q0rE7jKqNSyN6fuYfL/zPWxlB3nGLdl0jW/g=
@size 417640
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/protobuf-java-3.25.8.jar
@sha cr2zLrOMr7fc0ogmLCmjTVfLouGRAa+WhRVbqMClYAg=
@size 1876626
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/reactive-streams-1.0.4.jar
@sha 91yll3ibPaxY9hhXuawuEDSmj6Zy2zUFWo+0UJ4yXyg=
@size 11640
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/reactor-core-3.8.0.jar
@sha 0ZX7qv8l+9XqSC9yGoMsHLRB6MPl5y74MB9VmtxvPxQ=
@size 1937020
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/snakeyaml-2.1.jar
@sha aaRTcEXdvK7Uxo7vB0Ri6xLTJNeVP2LF7NNd9kXorsk=
@size 334189
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/spatial4j-0.7.jar
@sha mtzLHYf34L5wVnuVLGVVJgfi3L3jKhV5qKY5vc+ho8g=
@size 204833
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/t-digest-3.3.jar
@sha 3IvlIo4HM+EvvjXu/7b3IN/1drsutd7mnBwhGtzXrrk=
@size 81626
@ts 1768594063
opensearch/lib/tools/fips-demo-installer-cli/zstd-jni-1.5.6-1.jar
@sha ppWW+EKANZSijTKsR7w/VSeFbFGAWCJuE0u2AgEOrjQ=
@size 6795212
@ts 1768594063
opensearch/lib/tools/keystore-cli/
opensearch/lib/tools/keystore-cli/keystore-cli-3.4.0.jar
@sha tK6eqHrA0bIAUKNMgQY+NiJS7pcbgDBj4o5G2EJCo9k=
@size 23726
@ts 1768594063
opensearch/lib/tools/plugin-cli/
opensearch/lib/tools/plugin-cli/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594063
opensearch/lib/tools/plugin-cli/bcpg-fips-2.1.11.jar
@sha 6lHv7oJb0NYcPSLP9aEniY7cfKYrpFT7z0eJgBAx2FA=
@size 495555
@ts 1768594063
opensearch/lib/tools/plugin-cli/commons-codec-1.18.0.jar
@sha ugBfMEzvkqPe3iSjitWsm4r8zw2PdYOdbBM4Y0z39uQ=
@size 373045
@ts 1768594063
opensearch/lib/tools/plugin-cli/commons-compress-1.28.0.jar
@sha 4VIpRSGEVvNkmjm8Sv1wzkvUZiIVGdun03jyFBpGQso=
@size 1117221
@ts 1768594063
opensearch/lib/tools/plugin-cli/commons-io-2.16.0.jar
@sha 0eQXkBI1+uOqDLlza66vW3Tec0mBfRxyOQ2C49g9Opc=
@size 511185
@ts 1768594063
opensearch/lib/tools/plugin-cli/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594063
opensearch/lib/tools/plugin-cli/opensearch-agent-policy-3.4.0.jar
@sha 9qCLlVFNzJ5b1QbrQ98u49Yiu0NdHVb1GoSBKxDg8CY=
@size 28272
@ts 1768594063
opensearch/lib/tools/plugin-cli/opensearch-plugin-cli-3.4.0.jar
@sha 4oE3Pxc+y/J21Yxq4c+1jfuAcVt2B66EhNg2ElPozz8=
@size 41292
@ts 1768594063
opensearch/lib/zstd-jni-1.5.6-1.jar
@sha ppWW+EKANZSijTKsR7w/VSeFbFGAWCJuE0u2AgEOrjQ=
@size 6795212
@ts 1768594063
opensearch/manifest.yml
@sha BeJW3hNaxpCutk+eci8OHhOtN3UQYVa/EptJzWXF3Io=
@size 10741
@ts 1768594063
opensearch/modules/
opensearch/modules/aggs-matrix-stats/
opensearch/modules/aggs-matrix-stats/aggs-matrix-stats-client-3.4.0.jar
@sha rbAsuB0nU0MdoE1wQBjnHQCWsaXNaLIkq6Ch6qSfp64=
@size 62780
@ts 1768594063
opensearch/modules/aggs-matrix-stats/plugin-descriptor.properties
@sha vIGw+C1WKEGapiaCc3CO2mlPzjM4sVA7z/Yg/8C7swk=
@size 1995
@ts 1768594063
opensearch/modules/analysis-common/
opensearch/modules/analysis-common/analysis-common-3.4.0.jar
@sha TCIHrJTSQvNaDYNXbHl0S4u7xhQu8lP5yoEWPhYFqUQ=
@size 199024
@ts 1768594063
opensearch/modules/analysis-common/plugin-descriptor.properties
@sha Bw4b54uiFeGiDc9UDQW1YHkqIRGEPqvT7spjLY5IG+U=
@size 1944
@ts 1768594063
opensearch/modules/cache-common/
opensearch/modules/cache-common/cache-common-3.4.0.jar
@sha mr3au3DQX93rklLlLGHorXlM7lmP5BTW1xfaEgWk/bs=
@size 38397
@ts 1768594063
opensearch/modules/cache-common/plugin-descriptor.properties
@sha vFaMyfglEmTNXiS+WoDzNDEgiv3mY9fZA6tjJ5+bQ2I=
@size 1976
@ts 1768594063
opensearch/modules/cache-common/plugin-security.policy
@sha h1+WD08H5+fsUCJlivT6j5qzMk93to6/1l4rw8hyk40=
@size 352
@ts 1768594063
opensearch/modules/geo/
opensearch/modules/geo/geo-3.4.0.jar
@sha hjSpKEsVL1nw4Kg73ALBnNJl7lCmfqoUqjksK5wEsD0=
@size 95134
@ts 1768594063
opensearch/modules/geo/plugin-descriptor.properties
@sha El3GUns/UbGRZz+sjUnWqAn8dUIjXzMN127oYiW1oxI=
@size 1969
@ts 1768594063
opensearch/modules/ingest-common/
opensearch/modules/ingest-common/ingest-common-3.4.0.jar
@sha VljOQuem2p6ytW9anZCkivUW5x/Ol39W8Khu4sfzvWI=
@size 168610
@ts 1768594063
opensearch/modules/ingest-common/jcodings-1.0.63.jar
@sha 7xHhdBplFgxWGc0sPHnEDuCv/ahHBi8BJhYDS50Q5xk=
@size 1760082
@ts 1768594063
opensearch/modules/ingest-common/joni-2.2.6.jar
@sha +zP2CrQ+OGUzF7v0Gh/sicvuJwxI5TsLVtEWXADeDgc=
@size 232385
@ts 1768594063
opensearch/modules/ingest-common/opensearch-dissect-3.4.0.jar
@sha RIXP1k5qXtpKqLj3VFjlGQ5Ch+CRsQ7/NPPz+PU1NRk=
@size 23479
@ts 1768594063
opensearch/modules/ingest-common/opensearch-grok-3.4.0.jar
@sha b3nCTh4Zim0730E3zIbOn6Mz0SXF/kbQNLAJW05/5go=
@size 49918
@ts 1768594063
opensearch/modules/ingest-common/plugin-descriptor.properties
@sha ZLSZGyvPscMEIL/uQrBhJKoaj2ZcXrllFXQuGhHuEs8=
@size 2019
@ts 1768594063
opensearch/modules/ingest-geoip/
opensearch/modules/ingest-geoip/GeoLite2-ASN.mmdb
@sha 1cCK8gEaTmVZ4EMXdzGYxy6e1LdJ7+c9/GYJerARlrU=
@size 6603852
@ts 1768594063
opensearch/modules/ingest-geoip/GeoLite2-City.mmdb
@sha GtKSOWfRDG2Rl49+uwrZuIj/cZDBPQpgIeG9cbPXsk4=
@size 62898296
@ts 1768594064
opensearch/modules/ingest-geoip/GeoLite2-Country.mmdb
@sha HGaOSQzdhLFAF52FLBkRajXshhLdO+q+/3zh3OU2/TA=
@size 3988184
@ts 1768594064
opensearch/modules/ingest-geoip/geoip2-4.4.0.jar
@sha Y+DKl2m8zhjA0DEsDpqLX/H7Hv44k27097JoIYrYe4U=
@size 63974
@ts 1768594064
opensearch/modules/ingest-geoip/ingest-geoip-3.4.0.jar
@sha ugr3qAovF40FJ2x3P1NG34WjbtGeH8lb+1+YRtsFXEw=
@size 27878
@ts 1768594064
opensearch/modules/ingest-geoip/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594064
opensearch/modules/ingest-geoip/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594064
opensearch/modules/ingest-geoip/jackson-datatype-jsr310-2.18.2.jar
@sha 4tIC1GBuI66vilqWMtsG9f79W2PSUcP1A/n6qnhTDlw=
@size 132690
@ts 1768594064
opensearch/modules/ingest-geoip/maxmind-db-3.2.0.jar
@sha OGMCclKhfZ4PigUbH6sGpqRQXD+qZqG1w1jjAeNWlUc=
@size 39474
@ts 1768594064
opensearch/modules/ingest-geoip/plugin-descriptor.properties
@sha srS89IGLskXnz57cAGCfu0mDXCtf4k15Q+GKaxgAA/0=
@size 1977
@ts 1768594064
opensearch/modules/ingest-geoip/plugin-security.policy
@sha 3XqLWQZ3MptEvmh/wR4Wy6bcdhRCMID491/Bo/4ugEs=
@size 1764
@ts 1768594064
opensearch/modules/ingest-user-agent/
opensearch/modules/ingest-user-agent/ingest-user-agent-3.4.0.jar
@sha kLs6kJmfN49QYS6wTCIxRWiXuQhx5swqS74mm5gImvc=
@size 66638
@ts 1768594064
opensearch/modules/ingest-user-agent/plugin-descriptor.properties
@sha tkWiuTR+JB3xuQJu4bxOFxp4aBxOIgqU8oxGInbvYI8=
@size 1955
@ts 1768594064
opensearch/modules/lang-expression/
opensearch/modules/lang-expression/antlr4-runtime-4.13.1.jar
@sha VGZdKDjMZkWDQ0aO/FOeRU/JW0aooEsTxqxD/JvmNQU=
@size 326305
@ts 1768594064
opensearch/modules/lang-expression/asm-9.7.jar
@sha rfRtXjSUC98Ujs3Sap7o7qlElqcgNP9xQQZrPupcTp0=
@size 125428
@ts 1768594064
opensearch/modules/lang-expression/asm-commons-9.7.jar
@sha OJvCR5WOBJ/JoECNOYySxtNwwYA1EgOV1Muh2dkwS3o=
@size 73426
@ts 1768594064
opensearch/modules/lang-expression/asm-tree-9.7.jar
@sha YvSzvENgRcGstcO6LY7FVuwzaQk9f10Gx0frBLVtUrE=
@size 51934
@ts 1768594064
opensearch/modules/lang-expression/lang-expression-3.4.0.jar
@sha 4rZKOMz+b0IzNAZJpyee8XiyNATA0GYF0k04R8Am1HE=
@size 68157
@ts 1768594064
opensearch/modules/lang-expression/lucene-expressions-10.3.2.jar
@sha gTsMiiFTOPpX12Pb44w5V7l3bD7zA5BZM/AZDkZPplQ=
@size 80867
@ts 1768594064
opensearch/modules/lang-expression/plugin-descriptor.properties
@sha zgOcNmdHAjTynB9BhsFHsjLQz5X05r393YxUU0deI5Q=
@size 1934
@ts 1768594064
opensearch/modules/lang-expression/plugin-security.policy
@sha fF58dkQoFmiBCufDyaF8iXBMC03T6GLgttibwN/zEBU=
@size 1856
@ts 1768594064
opensearch/modules/lang-mustache/
opensearch/modules/lang-mustache/compiler-0.9.14.jar
@sha mafnhVYJE1AG8Hjm3n7mnarZxC+Y5nnVb4BlPLF1Jrk=
@size 116051
@ts 1768594064
opensearch/modules/lang-mustache/lang-mustache-client-3.4.0.jar
@sha UaOurK0k17KalnyIad5CvPtxmC8B44CIUVc+l43sfF0=
@size 66689
@ts 1768594064
opensearch/modules/lang-mustache/plugin-descriptor.properties
@sha evxRK6OVPpPKvB5qgYXLSedypZWHo+OOP/Phn087SgQ=
@size 1928
@ts 1768594064
opensearch/modules/lang-mustache/plugin-security.policy
@sha NJS4ca5o9LIKAlRuhCeziczVFl0a58nV7AntCBEL6CM=
@size 1202
@ts 1768594064
opensearch/modules/lang-painless/
opensearch/modules/lang-painless/antlr4-runtime-4.13.1.jar
@sha VGZdKDjMZkWDQ0aO/FOeRU/JW0aooEsTxqxD/JvmNQU=
@size 326305
@ts 1768594064
opensearch/modules/lang-painless/asm-9.7.jar
@sha rfRtXjSUC98Ujs3Sap7o7qlElqcgNP9xQQZrPupcTp0=
@size 125428
@ts 1768594064
opensearch/modules/lang-painless/asm-analysis-9.7.jar
@sha e8a8vCE3mUigyMRn+w+GQgbluBj2vAtUaHL1yflBVW8=
@size 34776
@ts 1768594064
opensearch/modules/lang-painless/asm-commons-9.7.jar
@sha OJvCR5WOBJ/JoECNOYySxtNwwYA1EgOV1Muh2dkwS3o=
@size 73426
@ts 1768594064
opensearch/modules/lang-painless/asm-tree-9.7.jar
@sha YvSzvENgRcGstcO6LY7FVuwzaQk9f10Gx0frBLVtUrE=
@size 51934
@ts 1768594064
opensearch/modules/lang-painless/asm-util-9.7.jar
@sha N6ZBTTZkGXPxrxBJN8ldbZIbLdtNYSxmxanysT/BQhE=
@size 93784
@ts 1768594064
opensearch/modules/lang-painless/lang-painless-3.4.0.jar
@sha LG0vIu+QV0TORoHYwGEn97X3jaadp6XW36bLFjBOSBM=
@size 722786
@ts 1768594064
opensearch/modules/lang-painless/opensearch-scripting-painless-spi-3.4.0.jar
@sha 81saORza7oG/QZ+oRPpcUtcboEs3lS4VxUA9G4HBoIA=
@size 30326
@ts 1768594064
opensearch/modules/lang-painless/plugin-descriptor.properties
@sha 9iOGrHX/wraOZ1TXuTy9rnAc/Dm601F/b4s/hJ8OINE=
@size 1932
@ts 1768594064
opensearch/modules/lang-painless/plugin-security.policy
@sha BEqSpp2Ixdgkz7eiePs5hK4TtZ8UMJgl+cIXFdbQPp0=
@size 1332
@ts 1768594064
opensearch/modules/mapper-extras/
opensearch/modules/mapper-extras/mapper-extras-client-3.4.0.jar
@sha b31OHxdWuvJTN4JIaaBT5hh04XzoGxdcDItxWA/fdf8=
@size 85807
@ts 1768594064
opensearch/modules/mapper-extras/plugin-descriptor.properties
@sha 0uMBOBdIkRDE37531QbefIGOqPE6ThCClQlbPl8Uho8=
@size 1911
@ts 1768594064
opensearch/modules/opensearch-dashboards/
opensearch/modules/opensearch-dashboards/commons-codec-1.18.0.jar
@sha ugBfMEzvkqPe3iSjitWsm4r8zw2PdYOdbBM4Y0z39uQ=
@size 373045
@ts 1768594064
opensearch/modules/opensearch-dashboards/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594064
opensearch/modules/opensearch-dashboards/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/modules/opensearch-dashboards/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/modules/opensearch-dashboards/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/modules/opensearch-dashboards/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594064
opensearch/modules/opensearch-dashboards/opensearch-dashboards-3.4.0.jar
@sha piuIzzXn+WbS+dNXzaOys/rLdvBkBAQ2nfsXfik3VVA=
@size 9382
@ts 1768594064
opensearch/modules/opensearch-dashboards/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594064
opensearch/modules/opensearch-dashboards/opensearch-ssl-config-3.4.0.jar
@sha No+yERBHxJGtJTyEVhBs8FvfdYvUVefk4pWpRM4FTUo=
@size 65041
@ts 1768594064
opensearch/modules/opensearch-dashboards/plugin-descriptor.properties
@sha mwni8N9ygF8zuKSxYIECCIinpscxgh7oaVsfHxbgXv4=
@size 1959
@ts 1768594064
opensearch/modules/opensearch-dashboards/reindex-client-3.4.0.jar
@sha DkVmMxyIJyqOhpEsMmdeDC3w9aDU7/sx7FsrQmyqkFY=
@size 128549
@ts 1768594064
opensearch/modules/opensearch-dashboards/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594064
opensearch/modules/parent-join/
opensearch/modules/parent-join/parent-join-client-3.4.0.jar
@sha D6m2Fe6ONYm73rAutrtD6zmKILMDGALS6WZ1z105Ir0=
@size 87959
@ts 1768594064
opensearch/modules/parent-join/plugin-descriptor.properties
@sha VjKKzV1UNIM85NfWPIMBxOcjDKdeuvlWW56k7x7B/hg=
@size 1938
@ts 1768594064
opensearch/modules/percolator/
opensearch/modules/percolator/percolator-client-3.4.0.jar
@sha Z75VK/l/vOzBVfu2cvxs5/K2UXK2R6pYCOJWLOrgcTM=
@size 77240
@ts 1768594064
opensearch/modules/percolator/plugin-descriptor.properties
@sha 1V0pYo+qEDJ1rQActDO4g+OlNy+tJu5Cfw4osxE0rY4=
@size 1975
@ts 1768594064
opensearch/modules/rank-eval/
opensearch/modules/rank-eval/plugin-descriptor.properties
@sha +JkuNQlPJHGOQdFK720K+VOi8YfhlW1W7cSiqd0+mpE=
@size 1937
@ts 1768594064
opensearch/modules/rank-eval/rank-eval-client-3.4.0.jar
@sha K3qE0Koucc23E+zEvpGLBSYBRrOjcAYWyt00fN9NC6A=
@size 82745
@ts 1768594064
opensearch/modules/reindex/
opensearch/modules/reindex/commons-codec-1.18.0.jar
@sha ugBfMEzvkqPe3iSjitWsm4r8zw2PdYOdbBM4Y0z39uQ=
@size 373045
@ts 1768594064
opensearch/modules/reindex/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594064
opensearch/modules/reindex/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/modules/reindex/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/modules/reindex/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/modules/reindex/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594064
opensearch/modules/reindex/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594064
opensearch/modules/reindex/opensearch-ssl-config-3.4.0.jar
@sha No+yERBHxJGtJTyEVhBs8FvfdYvUVefk4pWpRM4FTUo=
@size 65041
@ts 1768594064
opensearch/modules/reindex/parent-join/
opensearch/modules/reindex/parent-join/plugin-descriptor.properties
@sha VjKKzV1UNIM85NfWPIMBxOcjDKdeuvlWW56k7x7B/hg=
@size 1938
@ts 1768594064
opensearch/modules/reindex/plugin-descriptor.properties
@sha +iZra/L/u+TKHA4floQTKLUEras33xcdIpxL5nrUQQo=
@size 1969
@ts 1768594064
opensearch/modules/reindex/plugin-security.policy
@sha WIit+xgH7x5XxRCdUU/V9T3EiMRKRbRhP2TZovz9xUY=
@size 1577
@ts 1768594064
opensearch/modules/reindex/reindex-client-3.4.0.jar
@sha DkVmMxyIJyqOhpEsMmdeDC3w9aDU7/sx7FsrQmyqkFY=
@size 128549
@ts 1768594064
opensearch/modules/reindex/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594064
opensearch/modules/reindex/transport-netty4/
opensearch/modules/reindex/transport-netty4/plugin-descriptor.properties
@sha WfTdLic5NH5ib+2+K8iJBptcJF0SxfIqSnmAcpA7cjM=
@size 1916
@ts 1768594064
opensearch/modules/reindex/transport-netty4/plugin-security.policy
@sha 9F+ZQHjJiBMiI+TlBMXsLVO9JtqQFRvrogEQ2FhgNiw=
@size 1930
@ts 1768594064
opensearch/modules/repository-url/
opensearch/modules/repository-url/plugin-descriptor.properties
@sha jg4bo4Zo9nH8kpo9VCcGFhWp9kUcKTEJnY0zhJabeP4=
@size 1920
@ts 1768594064
opensearch/modules/repository-url/plugin-security.policy
@sha gj0jg2Ei2RvLFs1lLdylrJM+akXFP37ffwz0O06wPmI=
@size 1156
@ts 1768594064
opensearch/modules/repository-url/repository-url-3.4.0.jar
@sha YFThOD/D4qDr1DorQOfZbas8Qa7wsA9IdK/oT/Eonpw=
@size 15416
@ts 1768594064
opensearch/modules/rule-framework/
opensearch/modules/rule-framework/autotagging-commons-spi-3.4.0.jar
@sha +cV94Ku98CeI6g267SF/ufQo5lvT1Q+wQGMHjXzzh4s=
@size 6284
@ts 1768594064
opensearch/modules/rule-framework/common-3.4.0.jar
@sha GmKCIAs1tBiSoApStL8fQIz8bO1npSyrDRZt1e7bocE=
@size 60897
@ts 1768594064
opensearch/modules/rule-framework/commons-collections4-4.5.0.jar
@sha APkyY8JnviAbiuUhtEpxNycbFmiENTQL9inbG6wKWEU=
@size 898652
@ts 1768594064
opensearch/modules/rule-framework/plugin-descriptor.properties
@sha XGQPSA/jG+KpTIBtNGAMhqBl2KGYxqoBgSl4mf1w1hk=
@size 1904
@ts 1768594064
opensearch/modules/rule-framework/rule-framework-3.4.0.jar
@sha +mh0yRVS9xzKkOE1EFvz07Xhckm348sbXqzJyuPHt1w=
@size 43188
@ts 1768594064
opensearch/modules/search-pipeline-common/
opensearch/modules/search-pipeline-common/plugin-descriptor.properties
@sha MPedsg70VDLfwwiprWdsluyG8137D1FpSLHa89ud/hA=
@size 2054
@ts 1768594064
opensearch/modules/search-pipeline-common/search-pipeline-common-3.4.0.jar
@sha nJA1OO4pll0jKty3ZE77GI1eXZzNQuzmoLRK0yeWCKU=
@size 69080
@ts 1768594064
opensearch/modules/store-subdirectory/
opensearch/modules/store-subdirectory/plugin-descriptor.properties
@sha aDK37QoP07ILAEOzh/CSav6TmlR73u7xBnw3R33Ecsw=
@size 1937
@ts 1768594064
opensearch/modules/store-subdirectory/store-subdirectory-3.4.0.jar
@sha ZtEY3gGCT4JIjcDQCS7Y4yQEOwOZH1aEntLu9kXlsSg=
@size 15051
@ts 1768594064
opensearch/modules/systemd/
opensearch/modules/systemd/plugin-descriptor.properties
@sha bEPkN/CA8cP/x1aA0+0tJTfiWSe8Hau90FTMYm5HQU4=
@size 1902
@ts 1768594064
opensearch/modules/systemd/plugin-security.policy
@sha iqhd3T4RDwDf2XnI/8AtHon6ZV5BD7QSmqK9njWd0/4=
@size 1234
@ts 1768594064
opensearch/modules/systemd/systemd-3.4.0.jar
@sha 73u60OlaOOorQJihe31BTUQWcrFO8BlIK5USzIyn1yU=
@size 9069
@ts 1768594064
opensearch/modules/transport-grpc/
opensearch/modules/transport-grpc/error_prone_annotations-2.24.1.jar
@sha Gf4vcVXSDqCTFoUnmZ2pgQgQPuVG0ei3JrxLJ8MaPDA=
@size 16831
@ts 1768594064
opensearch/modules/transport-grpc/failureaccess-1.0.2.jar
@sha io+Bz5s1nj9t+mkaHndphcBh7y8iPJssgHU+G0WOgGQ=
@size 4740
@ts 1768594064
opensearch/modules/transport-grpc/grpc-api-1.75.0.jar
@sha fzCWFmkfplXQJRJ2IEntGL9KsrUs7UJMqy9SfQu44/w=
@size 323413
@ts 1768594064
opensearch/modules/transport-grpc/grpc-core-1.75.0.jar
@sha 8Qzb5Vg3hJTk/8axuzKLihN/MgHUbIsk8BVOueURkaE=
@size 655917
@ts 1768594064
opensearch/modules/transport-grpc/grpc-netty-shaded-1.75.0.jar
@sha 0z1HqXIKOSUSxOTOqhekWKDj7WGI0X6Y1sT68GeTdNc=
@size 10573999
@ts 1768594064
opensearch/modules/transport-grpc/grpc-protobuf-1.75.0.jar
@sha 9StTw0mwd2gV5Ddjbf89OETpsQy7Jb5Bmnhr89byAmk=
@size 5204
@ts 1768594064
opensearch/modules/transport-grpc/grpc-protobuf-lite-1.75.0.jar
@sha YPr8YnqgS8qzKNzJIG8OeqcdlfG2EndKGCct/n3CTPE=
@size 7815
@ts 1768594064
opensearch/modules/transport-grpc/grpc-services-1.75.0.jar
@sha trPbb+zxQiDbF9CF6yFD98aIefYHLyFZaSwkxgfpOR8=
@size 950148
@ts 1768594064
opensearch/modules/transport-grpc/grpc-stub-1.75.0.jar
@sha 3Jj+GGVCBpSGZuZlfhP+MBrQdUdR8oxsEJYeHmxFeZc=
@size 61041
@ts 1768594064
opensearch/modules/transport-grpc/grpc-util-1.75.0.jar
@sha krWhGV2tTL18QFsBy9n9LbvVSNE9TPq/nS1qN7rUy4E=
@size 98878
@ts 1768594064
opensearch/modules/transport-grpc/guava-33.2.1-jre.jar
@sha RSstl4e302b6jPXtmhxAQEVC0F7/p6WY2gO7u7dtnzE=
@size 3051356
@ts 1768594064
opensearch/modules/transport-grpc/perfmark-api-0.27.0.jar
@sha x7R4UD7FJOVd8ZtCTUbSfIporrgBZk+t1PBptx9S0PY=
@size 6954
@ts 1768594064
opensearch/modules/transport-grpc/plugin-descriptor.properties
@sha SRGyZn2WbDt2bVuSdCa6JMOjFDxp0V5HJdfLwvdYAaQ=
@size 1908
@ts 1768594064
opensearch/modules/transport-grpc/plugin-security.policy
@sha Kulh5Fo6jkeKSIfky1+2Ng5XpJCSpF/H0/ofR/6cn4A=
@size 676
@ts 1768594064
opensearch/modules/transport-grpc/protobufs-0.24.0.jar
@sha JmerQPZD82v94NF1nDWMDXUptQZEIFxcKee1qejLx3U=
@size 2939203
@ts 1768594064
opensearch/modules/transport-grpc/transport-grpc-3.4.0.jar
@sha t1pcEQJzZBsGb/yipzGBmMeEooFP+BUfCJEEjJ7iX0I=
@size 284545
@ts 1768594064
opensearch/modules/transport-grpc/transport-grpc-spi-3.4.0.jar
@sha tfcZMMWwEEoNOGRAnk4vd6FeoGPx87Qd7Gx9l3nH0aE=
@size 8264
@ts 1768594064
opensearch/modules/transport-netty4/
opensearch/modules/transport-netty4/netty-buffer-4.2.7.Final.jar
@sha uBYTyO0iscw57M8qKL0MHUVh+y5eVCBhYX70zh0ii/U=
@size 373323
@ts 1768594064
opensearch/modules/transport-netty4/netty-codec-4.2.7.Final.jar
@sha XzaWWDgXiZmMBCqY8C2nHZw5iEu7T3/VgoL3ZeCcoDE=
@size 3947
@ts 1768594064
opensearch/modules/transport-netty4/netty-codec-base-4.2.7.Final.jar
@sha Y2BBW3yHFgr83l59SUbDVTm58EPoFmyRp//5XMYGfZ8=
@size 152980
@ts 1768594064
opensearch/modules/transport-netty4/netty-codec-compression-4.2.7.Final.jar
@sha 7dU600mRgEMBpGVxET2P+01vZ+bYdGdNr7uRVyQnXLM=
@size 182886
@ts 1768594064
opensearch/modules/transport-netty4/netty-codec-http-4.2.7.Final.jar
@sha KYTdOEIKYcTdaPysxR/8Uo60b3P3eVza/bOk1vy3aGI=
@size 683327
@ts 1768594064
opensearch/modules/transport-netty4/netty-codec-http2-4.2.7.Final.jar
@sha yYJUmD3/qcYrzLDjljjhE4/rTde0bnpmPnkPagcKkwY=
@size 501115
@ts 1768594064
opensearch/modules/transport-netty4/netty-common-4.2.7.Final.jar
@sha I0W8DtWEP6V6pJ66Z1KUhcOh1CD88EKTJMgiDHqA6aY=
@size 789111
@ts 1768594064
opensearch/modules/transport-netty4/netty-handler-4.2.7.Final.jar
@sha IdBjQJwS287EbTgMiFag97altou18dAF6wZbTWQUbLM=
@size 581349
@ts 1768594064
opensearch/modules/transport-netty4/netty-resolver-4.2.7.Final.jar
@sha fk1WmGfmwIQ3+yGiIOoBwpSw448BFJtoPIlaG82ShDg=
@size 38454
@ts 1768594064
opensearch/modules/transport-netty4/netty-transport-4.2.7.Final.jar
@sha qtxvsFwU+3iTaMo/hUchVJxy9sDYF5i7zPneG7cWiSs=
@size 562559
@ts 1768594064
opensearch/modules/transport-netty4/netty-transport-native-unix-common-4.2.7.Final.jar
@sha c2cDs/bRJ+GC9b6Ii24VcysMCNZjTgByU1KmqdGZdLI=
@size 46861
@ts 1768594064
opensearch/modules/transport-netty4/plugin-descriptor.properties
@sha WfTdLic5NH5ib+2+K8iJBptcJF0SxfIqSnmAcpA7cjM=
@size 1916
@ts 1768594064
opensearch/modules/transport-netty4/plugin-security.policy
@sha 9F+ZQHjJiBMiI+TlBMXsLVO9JtqQFRvrogEQ2FhgNiw=
@size 1930
@ts 1768594064
opensearch/modules/transport-netty4/transport-netty4-client-3.4.0.jar
@sha X1iDjYNlZilV/evLqOoxD4mdYU0/qm23srMtW3g46UU=
@size 111460
@ts 1768594064
opensearch/opensearch-security-analytics/
opensearch/opensearch-security-analytics/rules/
opensearch/opensearch-security-analytics/rules/ad_ldap/
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_aad_secops_signin_failure_bad_password_threshold.yml
@sha 2gbqb8isTQjIJd4ynKAxEGz7mkAW4/uUwev4ZlB3yEM=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_aadhybridhealth_adfs_new_server.yml
@sha 7kIsi2SrBFv5NqsnRm/2fQyu0QHI3d1cKsxrJgRNVWw=
@size 1186
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_aadhybridhealth_adfs_service_delete.yml
@sha duLso/hgIdFQlqzNQwB3/+W9L7KaYQnwpukQyGAMXoo=
@size 1146
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_bitlocker_key_retrieval.yml
@sha KdcODBWckru0wOwyw1dvltY7ZG2jeahyAeRHviAZgNg=
@size 597
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_device_registration_or_join_without_mfa.yml
@sha 29iU1ZTCUxWd2ZxNPhu3QoWi4BhROZKxyxoeQCQMk+0=
@size 795
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_device_registration_policy_changes.yml
@sha A5YWe3jS4iAtYnznx5ypTNaZo3x8QYMjOCu4nWWL5lQ=
@size 678
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_sign_ins_from_noncompliant_devices.yml
@sha 6jjHWah+Q+26IoKC7wHsBpd6EoqYNozJ3gnaaqIs240=
@size 605
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_sign_ins_from_unknown_devices.yml
@sha ItGt/Tz1GshIVeJlWPkvYzOWPK3tov5I+phdHH0Tuos=
@size 710
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_user_added_to_admin_role.yml
@sha JIUNngtBmYB6p7R6+aEgg3zUQvJJngAwnPYBtzzduio=
@size 874
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/azure_ad_users_added_to_device_admin_roles.yml
@sha YKxiXs+9Zwjlbh02pRX0sH1TjoaVvKUTRGd7vh9J5+8=
@size 786
@ts 1768594064
opensearch/opensearch-security-analytics/rules/ad_ldap/win_ldap_recon.yml
@sha haCh9vg0sk/hKLZiseTGHKNlcSWQJe9sT4+zxqfSLyo=
@size 3223
@ts 1768594064
opensearch/opensearch-security-analytics/rules/apache_access/
opensearch/opensearch-security-analytics/rules/apache_access/web_apache_segfault.yml
@sha yRC0j6XtqsW6ZpiE1h4oB+oYTQi0eDymhX6rNfDBV7M=
@size 502
@ts 1768594064
opensearch/opensearch-security-analytics/rules/apache_access/web_apache_threading_error.yml
@sha LfJWlWbSD462y39AJ3lZ1csAfZTbpw6l8kCElNg4pcY=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/
opensearch/opensearch-security-analytics/rules/azure/azure_aad_secops_ca_policy_removedby_bad_actor.yml
@sha jUPxTnrHx4EXgwbTfhf7koHBz/Hz71FWul/AhDq5lZI=
@size 848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_aad_secops_ca_policy_updatedby_bad_actor.yml
@sha 9vtqKwJDR1+sGcC6XCOOuxr7xKwit6sATwKK55d3buk=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_aad_secops_new_ca_policy_addedby_bad_actor.yml
@sha ctLp4HKl4dX11Qz8lPxBMmyweeuTwgXu41b1xAkEuuo=
@size 735
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_aad_secops_signin_failure_bad_password_threshold.yml
@sha Pg0dA7pDdxhuI+efKFo+zICYn4O+Mh3A3//2PRplEoo=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_aadhybridhealth_adfs_new_server.yml
@sha LE9mW5UogjrIDDcKaGDzkF7WPw32TCwiTxqB708ltrg=
@size 1236
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_aadhybridhealth_adfs_service_delete.yml
@sha mn5ooHxegRieD7WDN5i1HxxWrAlgqE7HLzXTF27QQ0M=
@size 1196
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_account_lockout.yml
@sha AF6sVdmAYBV/T8pQcCDdPa7+pkrr9GMObY59cZIHcdU=
@size 636
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_account_created_deleted.yml
@sha v4oTlQrSIv/croSvYRkROUUr5Iq7xPfWfZoFoklG1QM=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_auth_failure_increase.yml
@sha XVQjx4C8kCRpdPUGnm/57IzQoBvrNbMoFpBGMOtPi7Y=
@size 665
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_auth_sucess_increase.yml
@sha msjvMujW9+npQLNwoRNMVtOHH05Ggid5zCXBiWWy80I=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_auth_to_important_apps_using_single_factor_auth.yml
@sha 7phoSkMgLfBM1viwF7ujH2AKvf6n3UX76TDOakTgoHQ=
@size 805
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_authentications_from_countries_you_do_not_operate_out_of.yml
@sha kQY0VKTsDVRqjq5bJVjxnyKhvcp6khxi4fdoqymjlY0=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_azurehound_discovery.yml
@sha STwkbtH0TqL6kge5R7Xzs2xRNtUMXRyBu+D3923WcI8=
@size 660
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_bitlocker_key_retrieval.yml
@sha IZ6tkpF7UROrdGztad5Psj4L2uWc+rtz4nQvBFdjilE=
@size 618
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_device_registration_or_join_without_mfa.yml
@sha 5yu9h9ZxVHbnzI5xiMGEbmmafpRThn5mTi5YsmEXF/4=
@size 822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_device_registration_policy_changes.yml
@sha YaagBe5kCj/UdgU87eqvEAb2qYng2709hzOfT8MUhKQ=
@size 717
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_failed_auth_from_countries_you_do_not_operate_out_of.yml
@sha /ZzSo++q2no+sDRd8FNhrnXZkDg/ffuE6iARsa7axaI=
@size 831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_guest_users_invited_to_tenant_by_non_approved_inviters.yml
@sha MrmdM8ViDKaAeYFCbl5fqOnwybYnNSUIEB2i0q8OWeo=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_only_single_factor_auth_required.yml
@sha fNQCdOyYWiRXhA/l/Rv1NJitaUw2OKY5rBcCJb0iNW4=
@size 750
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_risky_sign_ins_with_singlefactorauth_from_unknown_devices.yml
@sha L9A3WlkVSKUoaa0vo5haRc1kuA2SdctRVl/iiZ5dR+0=
@size 760
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_sign_ins_from_noncompliant_devices.yml
@sha YcP9jb/9SZHGzGLA36J7oujT1uHDXRQBxDV1TEJSUCU=
@size 622
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_sign_ins_from_unknown_devices.yml
@sha /iGufHoOCAktb0ct0vLL4QAxhFWkZ2rDDVIpk5oUG5w=
@size 758
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_suspicious_signin_bypassing_mfa.yml
@sha t0a498kjN5yZZ5wDcB3BhE9hw1e1AiLhCHJPi0rwfic=
@size 948
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_user_added_to_admin_role.yml
@sha F9+xNWY4/NMPABgxgV/uiHoaN0s+NA9WCUz+crgFwic=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_ad_users_added_to_device_admin_roles.yml
@sha Hjjdfq0pDGW/Wp7Ys7ocdZa8KssZBHsBfEAci7UwaYw=
@size 869
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_appid_uri_changes.yml
@sha sYPiOes0fmMCr3CmxhWnIi36zYI0+DYmiKdyXYtWdv8=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_credential_added.yml
@sha FqU6XVL2p0fTBTilUFe5l8HaYQTOCztIOcf5/zBm4Io=
@size 957
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_credential_modification.yml
@sha KSJSi6PAMcnyaOtsqOq2IqMI0Wly5CGqMgDx8xA0+Lw=
@size 934
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_delegated_permissions_all_users.yml
@sha S/Z3l4lO84TcAlzeUqr1qOK7EsJIY7blqS4JXHNPub0=
@size 771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_device_code_authentication.yml
@sha 7VBETMIH4NtWOfABFN5xNNSc8P0MLnVqkP0x98n8z3I=
@size 1152
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_end_user_consent.yml
@sha HqMqwRCUSE+LDTg40DWa3zAuWyU/BCqAA00A2dgvJjc=
@size 615
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_end_user_consent_blocked.yml
@sha cZLuprzqlBp3hhL1D7lhqldqpFr4q4iVDGd/17QqKg8=
@size 721
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_owner_added.yml
@sha mySuwDY+1l7UL9nYZU0l134h65XQzERI3o1Iv+IglIY=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_permissions_msft.yml
@sha 3CqfF71i/K8Z9XLYi++opSocEvdhko08beWi+dxm5Kk=
@size 874
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_privileged_permissions.yml
@sha C7sSm4u4aviMytgFOf0OlnV9Q/nCSn1Rjhi/N8ZViVo=
@size 956
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_role_added.yml
@sha yIDpKSnE+5rqB79817IW1oKNpDvzd91gtbGjC12G4q8=
@size 886
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_ropc_authentication.yml
@sha 2VF7MnlvRLLto8CFpoJAGpOq2lRHtk2QMh8z/ho88x0=
@size 1111
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_app_uri_modifications.yml
@sha 0eIiB3af7TGWCApfGXJMAjMrSyY4FqFjbGR05x1x6f0=
@size 1131
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_application_deleted.yml
@sha xIdkmFnLUWSgF1EX6N3Ss8+AtkMu8yFwwL8wKumCTV8=
@size 1015
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_application_gateway_modified_or_deleted.yml
@sha 5NU53UvLP5BBKuB+e/gNk21W0SwymjAlNTHCmT/xTjs=
@size 1039
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_application_security_group_modified_or_deleted.yml
@sha qkz6RfP5naYzKuXwdV/sZ0aTYkFxdQcvjPbb5ga50Ms=
@size 1079
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_blocked_account_attempt.yml
@sha qlBdCGfmRSSM746OTcCbCaVWW6wxYSVcapTh3ALRdik=
@size 736
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_change_to_authentication_method.yml
@sha FvklRLqGOykG/kr5mrjWob5OvwwKUuF02hewpNkUwHY=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_conditional_access_failure.yml
@sha FfeYCgnkyxbg+Qi/gky/mc7uiFcQ9Np7FdW3WCq7OdI=
@size 820
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_container_registry_created_or_deleted.yml
@sha TvpS7OpWsvBhEn/EQwACJAP2f7MYjdYOruCiggEz80s=
@size 1420
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_creating_number_of_resources_detection.yml
@sha nB527dl1HshKGBIyfGW9yK4XRgTUzjr92d0tfTPy2Ic=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_device_no_longer_managed_or_compliant.yml
@sha iYi7P2Nz/X9GNlJ5D92OwxYMeI+04rI4H5WttFFTjEI=
@size 727
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_device_or_configuration_modified_or_deleted.yml
@sha 4aW4z10FDr9BmA3LX0S2ARx6J9AAgLFCYHD02LRfD0A=
@size 1192
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_dns_zone_modified_or_deleted.yml
@sha 0EiM0D+53bbFBy7vAmkizAzLhFBvgNh7bTBOzfQWNME=
@size 1034
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_federation_modified.yml
@sha zMwEyJH6odts7IUDpixpyaau3rZHxRtuLyQ8oM8qur8=
@size 1008
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_firewall_modified_or_deleted.yml
@sha rvFWT57LPF81EmqnL6P99tqKarDRJ7LBKTf2imnbQxg=
@size 1055
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_firewall_rule_collection_modified_or_deleted.yml
@sha L4+HPfu2QQCmvn0KjNEJjx8+PuH3BhhUVcb1iZdPWzg=
@size 1537
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_granting_permission_detection.yml
@sha pCkYPcrVDy3toacUZyHtWDdSjCC+/E2v7g+MlX9/syQ=
@size 753
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_group_user_addition_ca_modification.yml
@sha VIQdvW3/2ud0W452+VlrmTrci44ow4nIDEtwmyP1AZk=
@size 780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_group_user_removal_ca_modification.yml
@sha 5gHTpoes/nDIK5Zlg7o9dm8IWDde9T72vTUcVKbv0gU=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_guest_invite_failure.yml
@sha ZNGc+Fbmt7mh6HDiE6BbkCPw0jDK6PlAxcmNaPhH4iM=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_guest_to_member.yml
@sha vPyy6QyuYGYXYSXnyrPsJcXVONEpudYMOJFB212LrmI=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_anomalous_token.yml
@sha 5wGLL5wpSpBF5XoGP1YhG9l8PSigH3Yh8w42KfRfLJg=
@size 930
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_anomalous_user.yml
@sha 7ELJcNm77B6+78EBmfIW/BlSAgJC+fABW5Jpc3XIq2s=
@size 920
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_anonymous_ip_activity.yml
@sha X9XsPJgmE0qR4MwEVUqxY67RQnXS0l9LDk3OwmA17Vw=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_anonymous_ip_address.yml
@sha iGd0Gm5NGDg3EmcUA/fhgtcVv6mi3xg+J5pgIrhq5Xw=
@size 837
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_atypical_travel.yml
@sha rutQaACiqc+Cpz4CNa+rONp12f0L+LdiNW4H/6HEpso=
@size 1057
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_impossible_travel.yml
@sha 0ZnxQlxmnJoWTmXThQfcLHQCORnz3lovwLeWzuqL+2o=
@size 1055
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_inbox_forwarding_rule.yml
@sha 4Ej3HrzCffOLKLvf6UQq2ZWmzcb+vFh9vSDDdq5E81s=
@size 881
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_inbox_manipulation.yml
@sha T/9iGGsSHLLx9c4G9FgKxSKd/eCN+5EkbAqUcFZ12q8=
@size 911
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_leaked_credentials.yml
@sha XCyFdE4NyW0Gc3vdjhH3Cdf8FjhG/Bti+/NEmomrtTk=
@size 798
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_malicious_ip_address.yml
@sha ycC3nnOEgXrR5JrbG+BxOGInrazvrVLPJ6ynRMix1mA=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_malicious_ip_address_suspicious.yml
@sha 9d1nBp+y9/UyDiBAzBEES3SPD3v3Y+WNTC3nPdcnh0Y=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_malware_linked_ip.yml
@sha pBUNnrx1RtN3Y5jCmf2APwwpe+Tnx3P4r1x0MiyZO/g=
@size 906
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_new_coutry_region.yml
@sha 8qmmvZIrMNfv2y2c7gS0pEDielqFJ0aHPZ6PmifBwkU=
@size 1006
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_password_spray.yml
@sha iuCDWBJsJc5lkqQq+1xSTFY+Pkfoxkbjuj8TGxp4++I=
@size 883
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_prt_access.yml
@sha CjCgXeTrp+Z4aaEw8546pQXNV/tAr6DiTYPr95IDeS8=
@size 1036
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_suspicious_browser.yml
@sha xcwUOJZvrBLV0ufiyAjEWm83chpdo7yi2ZQQL5JJX64=
@size 1043
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_threat_intel.yml
@sha ESfntirl0py0Z5UEA6dRjQvmrWJ1fT6Nl+QXY2qnqgk=
@size 1188
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_token_issuer_anomaly.yml
@sha /xZUrhjYL1U5J6XZ3Vo4fu/YPVTm6tlXE+if0JPkiKw=
@size 992
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_identity_protection_unfamilar_sign_in.yml
@sha 54f4dV/A4/fXMHnOWRGT+lTxx4G2f/gAl+Bg7f3AfwU=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_keyvault_key_modified_or_deleted.yml
@sha uOu1goY/gchsi4J/feF/ewp1+1bXdbA2jMaPXiLnkHg=
@size 1490
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_keyvault_modified_or_deleted.yml
@sha F4iU+ZrcU3w7wKcpNg7SbYJ855JWUbHzznXEvoG96LI=
@size 1177
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_keyvault_secrets_modified_or_deleted.yml
@sha 9EFeCzI/wUwTerWx2Z7E7IC14XV55rINh/sD8C1n7ok=
@size 1463
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_admission_controller.yml
@sha 6W0Ux+/115PcgHNema9sZpqNLYIim3cU/KTWA3C3XOE=
@size 1962
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_cluster_created_or_deleted.yml
@sha /g89uLP/TNToop/izV+Sm+qLoADCw2j0U6Tnl6JfhDs=
@size 1427
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_cronjob.yml
@sha +JCHGt9uuGf8N/d32I8/raWoYJGmYdVbH/OUfj0pUPM=
@size 1654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_events_deleted.yml
@sha AtZuwJOe3HUkOBcc2H880Q3+6Y7b+geKMsdfDQoJpmU=
@size 1251
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_network_policy_change.yml
@sha bf0YVuZz5Vy5D6eXTKtpYqthXMDPcKy1oILgvFXbyHo=
@size 1709
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_pods_deleted.yml
@sha QLHWwAv5jLqRuN/Hvojv/ZijqEN3VuzS2fw4s0PQtWY=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_role_access.yml
@sha 6iRyaxzTehI03fyOGfcr+Q0so9/41N5tZqc7WdxPWEM=
@size 2094
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_rolebinding_modified_or_deleted.yml
@sha NCNe5pJStBr8B5A2ASHILge8I5zmGog31tPCq8SyTZE=
@size 1819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_secret_or_config_object_access.yml
@sha gSgUYqw4Pmx0zeI3+AhrhJo0r27efn+O7RzsK5jjhBM=
@size 1578
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_kubernetes_service_account_modified_or_deleted.yml
@sha PVI9O/bGZZsgr01R+MCmpEi7sjFGCcO2x37PVLBYvQg=
@size 1568
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_legacy_authentication_protocols.yml
@sha YgTnwFojZGznml4q9WVBmDWhVocGWXu6+VS8n1cHBZk=
@size 932
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_login_to_disabled_account.yml
@sha KOK4JhWbvm3qd0106vRL4/KhUxFoWDwaK7Cjcq+LPo0=
@size 675
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_mfa_denies.yml
@sha fC68js4Lilrkjxpve0xJK9SUllttpnLXHknLHJ+4hBE=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_mfa_disabled.yml
@sha Qp9rkwbHUEOnEKF1du36rE385XGKZv9ipMLW1CjC1M0=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_mfa_interrupted.yml
@sha 2WWG9AeeSEQeDLKnoxrM9yGVBA/PeIDsb96a9t7L5m4=
@size 985
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_network_firewall_policy_modified_or_deleted.yml
@sha cs59kddvMVKMEL1oPNld+T1hvFPLByDKigx6e/OVFZ0=
@size 1215
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_network_firewall_rule_modified_or_deleted.yml
@sha R6Ti56S1ikQNLX71vyPkrmDzJkcFWQUUlQ1bgUIBNu4=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_network_p2s_vpn_modified_or_deleted.yml
@sha XV0ImGGCjxodkW2p8VjPEPkI3EECQau181+7RG+JqaQ=
@size 1345
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_network_security_modified_or_deleted.yml
@sha lak95aiLfGmv+KZLjU+ipjaUJ3c5HrEU2ZXM4pWEh5w=
@size 1418
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_network_virtual_device_modified_or_deleted.yml
@sha m05ZOBbfPZY+0SNyd5X+bs+omHEwYhgfeUNhl4uxQlk=
@size 1709
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_new_cloudshell_created.yml
@sha XMHuJF19e9td3elryVsKw5dhKCGe89r+d7wEAqXUw4E=
@size 648
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_owner_removed_from_application_or_service_principal.yml
@sha MbDiof5xLKiX8jD4Uz4xFEl4yhf60/9SAHs1UBf7fdE=
@size 1057
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_account_stale.yml
@sha nr39XJA/8z+M3F8MOkjyeG22neddCS/6KNpQLqk7+RA=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_activation_approve_deny.yml
@sha 8+J7XQx1m8aD4qzxYjUkGQ9XPiL2G8bhw7vCf5hElL0=
@size 742
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_alerts_disabled.yml
@sha c6UGLWVnSd7aY767poYrp3yWTlpAaZxRQOWAj8oV8/8=
@size 734
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_change_settings.yml
@sha pB3GDtA3HNgD+u39A6//kpY25ljJIaA81zoWZsHak38=
@size 730
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_invalid_license.yml
@sha 9pL/fEdjOtdjXGM0zmckju41a0pxV2L5o0gA5SZRIXk=
@size 822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_role_assigned_outside_of_pim.yml
@sha aLAeQvsBeFs8+WDWY6M2fAL5B0Ib17uvHu1oTBXV/IU=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_role_frequent_activation.yml
@sha nBnI+QSYV003UMyJzEJYI+kOYHcuLhN75POXH2DLdeI=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_role_no_mfa_required.yml
@sha vvABkP6ve6pft22QpC/OP6yDseYJ3GKP4jT1ObJjxeI=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_role_not_used.yml
@sha 9FobeGhPnvSSCfRAAKejaNGWxLsJApe5mOdmS4588eA=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_pim_too_many_global_admins.yml
@sha JpVMckav6mycIB28Ji8YskWGJoER8zIW2moq0KPgIx4=
@size 818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_priviledged_role_assignment_add.yml
@sha QpYD0yzHvx3MseLWKuaVnuELzL0C+AcPYh8SY0hNzJU=
@size 818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_priviledged_role_assignment_bulk_change.yml
@sha MjAY8BnPiHMUUVXVzSDX9rD59EZrXaBuEpAq8t53568=
@size 852
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_privileged_account_creation.yml
@sha xdL60Um7/97/vQrMqahaa5Ss8ccxrIOVFmdPRI6rgrk=
@size 814
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_rare_operations.yml
@sha 1HAptnCkhlP3hhiA+rCNfY4Mn7rwmW2OoOHkQvoOv1g=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_service_principal_created.yml
@sha hbcq/Wh9S1fa+Y28u/LtlhDYly56Ej5YQKM58NwPRiQ=
@size 953
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_service_principal_removed.yml
@sha y4HLlj8xQ55yy1kZmx/GreRPMO3sulhezDA3IcJpVaA=
@size 955
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_subscription_permissions_elevation_via_activitylogs.yml
@sha T7LXFuwwb10KV72/0GY7KNn+eX0iTAMK2AcYG4VDvgo=
@size 895
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_subscription_permissions_elevation_via_auditlogs.yml
@sha j+/vqW4I31+VTs5uIEvbkH22U8XsAjziSjpXl6MbR4Q=
@size 934
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_suppression_rule_created.yml
@sha Hy9tVM8Ftnc/YQcbrsr1dKXI4JVtCMMSbwTGUJbuAXE=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_tap_added.yml
@sha sjIg6sQz/JFplRzFs0NmnWMuYALtO+Di+eX3QanL7jc=
@size 859
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_unusual_authentication_interruption.yml
@sha BoA/YiCBZKFRp2oIBsjjyBI05+AehSsbx8Ouc5HJeeM=
@size 942
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_user_login_blocked_by_conditional_access.yml
@sha FBnHuGT7ZSrio5stovpe1lMPdpy+h4zTiUQDCSlfpYc=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_user_password_change.yml
@sha UVjfzGOe6r6sDkyTuWx0eHgtEl0jiY27yDAC3B1OlSY=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_users_authenticating_to_other_azure_ad_tenants.yml
@sha egX1gi4rxMwZHpOeNySFJgI5EMEx5lCqhhi/h8nZTBs=
@size 801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_virtual_network_modified_or_deleted.yml
@sha wX/wyMddfMQ1y183DoHClTii7QaZ5UB1dcUHa9dlK5I=
@size 1114
@ts 1768594064
opensearch/opensearch-security-analytics/rules/azure/azure_vpn_connection_modified_or_deleted.yml
@sha 09MUw3r7gkhq8ULqHJ1mT5rpMIudj1cRNREK8hdkhqk=
@size 1041
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_attached_malicious_lambda_layer.yml
@sha g0blAouFSWW94W1UqAszPfjXfy+DSL2zKHuHdWVCoHA=
@size 1233
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_cloudtrail_disable_logging.yml
@sha t8tgiIhF2pRY6I0G18TG+49tQ8qIOh3Adb0TRw6wt28=
@size 699
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_config_disable_recording.yml
@sha J6k5KaetegRkrPF/2fRc6Ur5bi37J5iNm07R2yBYOSg=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_console_getsignintoken.yml
@sha KYS1Fj1VABpYiZBKP4VsEEy28oFR+4Qh0++SE3ZV9jE=
@size 1412
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_create_load_balancer_layer.yml
@sha mlwtc5ibw6n0Q24Ta3tqgWBEyVK82AWfTYUQJDUmrBs=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_delete_identity.yml
@sha HAkrwUrd9tjf97t/s69Nq44D1Cg5eAmiADSG+DP6hi4=
@size 740
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_disable_bucket_versioning.yml
@sha 5Wy+Vy23OKm2dPZH7MS7mLfYgGfS34dQC33eZprv8hI=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ec2_disable_encryption.yml
@sha /RWk8XdMafj/5hEQYOvAU7/f6fYrvKWQTFbbiLj6co0=
@size 882
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ec2_download_userdata.yml
@sha Sd9Y52AfqcNzGYOzTuhpTae8Bv4tm2zt6ZmaK1JS1yY=
@size 836
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ec2_startup_script_change.yml
@sha jC5BczuBf6gWK5AQiaVpM83YdD92UPwjKxy8Afn5dSY=
@size 885
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ec2_vm_export_failure.yml
@sha O9uKsONV/ylri2l6YOLJr17U3KB259zM9g04pXq3hgM=
@size 866
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ecs_task_definition_backdoor.yml
@sha jLi78Hd/KcPLYnT3UDE3t2VpLYL8+Bm+HMNki9AkP90=
@size 1293
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_ecs_task_definition_cred_endpoint_query.yml
@sha 9+s0GwMldo5QarBfQslg+1MetT8/K+4kkOoKhmTC7bA=
@size 1320
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_efs_fileshare_modified_or_deleted.yml
@sha dZ5XafJ3prdSCTWjj3Xppn1hYWSE2ZCp4PO455k3rGs=
@size 788
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_efs_fileshare_mount_modified_or_deleted.yml
@sha 1/BETgsiOjn4ztNV9tfBASBWkxIBVO0Rfgd9PAO4bLw=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_eks_cluster_created_or_deleted.yml
@sha Oh5aG4tGvMDzzgT+mJuN+dCNJCfQKVBADQpX6elSEEU=
@size 953
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_elasticache_security_group_created.yml
@sha jdr95XNNymBaeiDnbgbN6EsuN5WDH3LYb9MgPRC1vVI=
@size 1085
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_elasticache_security_group_modified_or_deleted.yml
@sha /U1n85anq3HgbYu2Gj4mtMAHsvqd4/f1gmw1m1WeGAc=
@size 1306
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_enum_buckets.yml
@sha MEnaDzkd5UX1FMaIDkkYyI88uypOGUVGUeLHhhx5ZnU=
@size 1085
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_enum_listing.yml
@sha AUcZru0jjuQqF7ZPoniThpD3cbC3bjoQTx5CfR22kpo=
@size 631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_guardduty_disruption.yml
@sha kB0EJY51jsfTv9oRvaE0Sei0GLH1a85y1BDQ8l9X1NA=
@size 775
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_iam_backdoor_users_keys.yml
@sha 6nbvBRvkdcpzgA2SabdjFWwq/OHBqkUVL/h6wr2RF4Q=
@size 1151
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_iam_s3browser_loginprofile_creation.yml
@sha P5xXQolCzIagvC7fJQR9NBMfExADjuMcpZejH+61+Sw=
@size 911
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_iam_s3browser_templated_s3_bucket_policy_creation.yml
@sha 18BvBsLnTzBabAIorNGlMEn/dY1qZB+cauTrc1srybk=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_iam_s3browser_user_or_accesskey_creation.yml
@sha ps+rJvCQhCr8Wk6VUj7/Dlzke7uk6xlUXIojVXJLIX0=
@size 803
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_lambda_function_created_or_invoked.yml
@sha 263P0/EysHQpggZvdRQOqlp91+qxiNtRQkuB41Ba868=
@size 995
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_macic_evasion.yml
@sha Eye3l5OMzZio1k0ReqygT14FUKezgmqwefpN67eFaIM=
@size 979
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_passed_role_to_glue_development_endpoint.yml
@sha 8j5dfaOHOOnEiYICmVOwtBznA+n9kXOuRScNryFGpVI=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_rds_change_master_password.yml
@sha vgmRo8TllezFQ3SsDT3NaFnIESO0VIsU/nQYPrbhzj8=
@size 787
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_rds_public_db_restore.yml
@sha YjejvhsQQVbLz/oGXe5ZjuUrxb4gLXRJuIbg7dx+qEU=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_root_account_usage.yml
@sha DTgIqInGFzo1t0aGVAxsNqWDObjgPrnA1QzjwFPCcs8=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_route_53_domain_transferred_lock_disabled.yml
@sha 7svBZ+JK7NMaBTq/Gr3tNQAMWN66idGeAQLCPXtIklM=
@size 1411
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_route_53_domain_transferred_to_another_account.yml
@sha 8GQDfjoJJTP0/ttaFNZRrXo5WLBN2XVnbeBJL4MIiI8=
@size 1155
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_securityhub_finding_evasion.yml
@sha GfJJpvJJ9m0mDiVJx9REFnWZKBmfpIKvJLLwkuGDstM=
@size 850
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_snapshot_backup_exfiltration.yml
@sha JeF+SXQ3EsGGJVLZvz28H+IPrOrmOcuUnZtQJQ3SkQU=
@size 652
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_sso_idp_change.yml
@sha YpXgoE6uD49hlyoM+pWiNSsinr4FhMyS6UwOWr5JIvw=
@size 1267
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_sts_assumerole_misuse.yml
@sha n79nzcvrqZxN1gtHvF6agcge9jD2WbfGY01UyKgJK6g=
@size 1187
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_sts_getsessiontoken_misuse.yml
@sha y0zSxtcD6zY/oeYeD0jNcXpuDUgF1oL+NUhJrzWE6OI=
@size 1173
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_susp_saml_activity.yml
@sha 4qg+z6plyvSXOTIF3t4MR4x9KiDfwkXYMr82O/Y3niY=
@size 1369
@ts 1768594064
opensearch/opensearch-security-analytics/rules/cloudtrail/aws_update_login_profile.yml
@sha SodSqXTfcg6pTtF7UPuzC70GCq9mSgax7pGDcItEbAA=
@size 1033
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/
opensearch/opensearch-security-analytics/rules/dns/net_dns_c2_detection.yml
@sha 4gGN/COqj17VYIejwPiQQ4Ilg36atVXE4LZfowlgUp8=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_external_service_interaction_domains.yml
@sha dZoobe7N2G1sVMtFvJWVQbiggX/AG/ybacuc+zJL3p0=
@size 1008
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_high_bytes_out.yml
@sha kovFXZj+dUA5cd0CHiSDKIS8wj1YDCAkVxxS5jqQVz0=
@size 541
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_high_null_records_requests_rate.yml
@sha JVrMxVU9GhixYXFdm3nDuyofwt0JtbilWgTVde2ryKM=
@size 658
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_high_requests_rate.yml
@sha wByNFe7f0OCTaMfgS7RV1msv/sElRdx643u6GzEmsW4=
@size 595
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_high_txt_records_requests_rate.yml
@sha RL+TRmot6o7tZ3POg3j3cJoZyI8kStD/J32Jg6y5FDg=
@size 663
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_mal_cobaltstrike.yml
@sha bRF4WKFkswT7t9rwOLKVaYUGE8ci5JUAblSNuS5F+i8=
@size 717
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_pua_cryptocoin_mining_xmr.yml
@sha aQEtYgn5a/EBQNyKjRS0ngDyxjFIDNk9fz1Ykz8Zbuw=
@size 1215
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_susp_b64_queries.yml
@sha a9YNmHQ49f5O5y7ynboC9c1K9lOVat0FLlEBW45lpvc=
@size 568
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_susp_telegram_api.yml
@sha lYWPPnRh5CfwldMRAOeRb57544PdaV4T4ZkxK3WNWU0=
@size 994
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_susp_txt_exec_strings.yml
@sha cOOWkSYQLbPBnjjIOAiCiVwZyEeui+ddS83jvzQnjqs=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/dns/net_dns_wannacry_killswitch_domain.yml
@sha px9nADZNV6o6Xdzk3Ypu6aI3zjNMTCwGMP1Leh5p1D8=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/
opensearch/opensearch-security-analytics/rules/github/github_delete_action_invoked.yml
@sha VMb8Ex4Q+bGDEnHmkTomAnsHo5NEqEXmLz9dMctcxN8=
@size 1271
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_disable_high_risk_configuration.yml
@sha 9XZaCZ0BJqUlmzftPEPltAcCpKPA10suWdcIHMNViHI=
@size 1715
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_disabled_outdated_dependency_or_vulnerability.yml
@sha ADB4DA9MPf7PgxH6v/A40DKndB3ccPvT9xCUP9aWB4M=
@size 1682
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_new_org_member.yml
@sha HGRvJWzsP5ObccSi65eYauz1sOmWCTaUFvNHx9RNzD4=
@size 1147
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_new_secret_created.yml
@sha nocs+8mg//lVXRjdBCz9o7xS8gdAmYkNRdXmM0fl9Kk=
@size 1467
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_outside_collaborator_detected.yml
@sha 8f0CVBsyHNuNFqr/E902Ry7yZjImXVSIyj/qOL2+qMI=
@size 1766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_push_protection_bypass_detected.yml
@sha ZQgemIyDaLL6V3uJ1B6tcsuUBrb4PZcXSsedN3qzWrA=
@size 1160
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_push_protection_disabled.yml
@sha tEXK8wks/i458U4F5imxLmTjdoXJrufBqHbNwN7JfbM=
@size 1651
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_secret_scanning_feature_disabled.yml
@sha grgMr35XEUENq71SKigadL7miDqgrdbddN9CJun29hI=
@size 1204
@ts 1768594064
opensearch/opensearch-security-analytics/rules/github/github_self_hosted_runner_changes_detected.yml
@sha 8WZmzNov0cMq39cdNump0my3LKpWcb7Wd6+24j3mC40=
@size 2372
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_application_access_levels_modified.yml
@sha 7HOOCMuR5NaYcWOOpXfZRZf4rrZZiMBA2ECKjTdNTvY=
@size 1107
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_application_removed.yml
@sha 1fBkoOjjIMU/IRaIOsAQiEdJeloIGg9BIQTuxFbz5+4=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_granted_domain_api_access.yml
@sha UJx6elpL3//uLjNQVRYC2OT4/5v2RCVl/ORT7yvWWhs=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_mfa_disabled.yml
@sha bkhu5ZOTnklrHPt+EUf/4u3Z+IYlsCmdoMvRQkwNvNo=
@size 1023
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_role_modified_or_deleted.yml
@sha 6E2peQ7/6cwLKfy5vTixARuLl0bB2jwNiKpcCtJ6AUI=
@size 760
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_role_privilege_deleted.yml
@sha 063a/UjSSkYBA0S7Zcp1CO93d6vBlBjZ694IDA10JPg=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/gworkspace/gcp_gworkspace_user_granted_admin_privileges.yml
@sha tdLSwzxXfOmgskZxYtPRIPhEm4Qafts5FFrU43LlgFY=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/
opensearch/opensearch-security-analytics/rules/linux/auditd/
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_audio_capture.yml
@sha hiAIt+4P4D0DSlDzWHMqv0UGf3GLeD5TTZQrIlCj91Q=
@size 620
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_auditing_config_change.yml
@sha XKSTgLBTZG3I6xkZyUCyGUc8zXT0GjIUtsSI5o34EZw=
@size 726
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_binary_padding.yml
@sha mAW7tOmFQQxIsHN8zp4h7M5Y+fVVKhNRviULAEQKw3c=
@size 985
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_bpfdoor_file_accessed.yml
@sha lkRoej1Y+t+yEIFkiSU34CqIetxk3azg9ePa71ty0nA=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_bpfdoor_port_redirect.yml
@sha 1jMisWiDSU6bsP+lvuTw9WgohjyWQByaFSM0BxB2r0o=
@size 1073
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_capabilities_discovery.yml
@sha PeifNe3Dtyt9YDaysK9SaaRwgUV6y5vWasWq6hxsxY0=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_change_file_time_attr.yml
@sha UVnYO4MHIMz6tioh81XTMMdNkwh84TNKF/jRBmPNCqc=
@size 754
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_chattr_immutable_removal.yml
@sha nNX7DVDoY5ug0lEh2D4nqbVmZMYVvNsM43pWDgEVMTc=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_clipboard_collection.yml
@sha UEN/SdUPx+0pUeYB2+y4o4uRSLg9jaT0TxYSdi3Faf8=
@size 947
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_clipboard_image_collection.yml
@sha jzuC3fQ47e/VHWN0sD8zcI4A4FbQXxiVG263xFpBa6M=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_coinminer.yml
@sha E4Rsb4RsQCy7U5AkGKxdcxp6x2Rqh28PtQS5NMdngT4=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_create_account.yml
@sha AdBwTRE4gvVxaOMkbBjwOK9vXQ0h5yH0S7JGy4s37To=
@size 1057
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_data_compressed.yml
@sha zLqpyQMsCF73Ut2Aj/4uZNs01iyE8Lr5NY7QmqpQRiE=
@size 945
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_data_exfil_wget.yml
@sha AU9JkjVRMQhsonjttExfFn6EzauYNKH4WQgEcgrfmXQ=
@size 816
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_dd_delete_file.yml
@sha zcRP7v1NPqNxcSMx1W5tedK8uoLg6poiAGxuURNqAzs=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_disable_system_firewall.yml
@sha +PIzI0vU7v79Rzbo4ukqZrG8eCX9SAGkWQN6EUf6teE=
@size 796
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_file_or_folder_permissions.yml
@sha sl1/Zt+47OE821CanwYIpOcsSGShO/dstbI3gZgH9w0=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_find_cred_in_files.yml
@sha sUDCeFw/TY2uo9q8XEFHZYwx/VdqlxXODfxNAJ6fNbw=
@size 686
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_hidden_binary_execution.yml
@sha G9yKbQJpnVCo40Gc08m/7psUMBO0bBtNK0BtJgOa9+Y=
@size 869
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_hidden_files_directories.yml
@sha jK7c4cyjaCRXWYLYE2v94XjpR6JTKe4MLr2VF2La5GM=
@size 890
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_hidden_zip_files_steganography.yml
@sha CPpQdNx0bnDh8G4fEZVKEaIFwPt+woN906JuITRhxrM=
@size 663
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_keylogging_with_pam_d.yml
@sha fmgj8t4Bc8k8Q814a1mblFjNle3tHQljgHNUCwZ3rWw=
@size 1052
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_ld_so_preload_mod.yml
@sha 9lforJFicPHZIx3EXdd+JzhMtLy2GbvbYDUEqhMIIxw=
@size 875
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_load_module_insmod.yml
@sha 4tyyPes1bWG8HT3mSX4UpQuk2SjGOa0Vhvt6esZcgq0=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_logging_config_change.yml
@sha psNZOJk4CmuKnhd6/7SkR5MN31/NQ65ZBrjJEMDWFzg=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_masquerading_crond.yml
@sha V/iVpag8C5qGxGpZo1ky6j7JBqJ5iRsBR0zmq9IjHrg=
@size 887
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_modify_system_firewall.yml
@sha SLQxBO1J+uUHlysUit0sxQC/cSmF7LhluZLer8wBK70=
@size 1129
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_network_service_scanning.yml
@sha jFCNbXc5ubklCSGQtfSnCq1n3FToKaPbEnwxHMwf1d8=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_network_sniffing.yml
@sha x4w0Zk7D0zgXOFRKJUyIEFyDWRWvQlTtL4o1Pi3XSfQ=
@size 1125
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_omigod_scx_runasprovider_executeshellcommand.yml
@sha F9zZ+UR/WHF3zCxtr27QlM5ABuVTSmcBtjSQcNsf9i4=
@size 1203
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_password_policy_discovery.yml
@sha 60ut5xL3GooLzQO8dAOrYaTue/ZpRitnLTWws3BRulA=
@size 1237
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_pers_systemd_reload.yml
@sha TnTMG7zNbZf6hRkex+QWf40dvgiWudlrcP+R/X723kA=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_screencapture_import.yml
@sha fAWwZt/v5QgRn/6YzXuXSitMFle+0hNei+KI0COrkY0=
@size 1156
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_screencaputre_xwd.yml
@sha t5jwCPD9kVHVGX5VZhDXZuqDwaevzLTZoE6H5BUqU0U=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_split_file_into_pieces.yml
@sha /yfb50z0bn5GCgBeHIaok+DTikHmtNr1NPmWfoy0g8Y=
@size 669
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_steghide_embed_steganography.yml
@sha QQENXfKZLbRw6OAsmJcgBXnuJTbsFkIzjguYjJZnImk=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_steghide_extract_steganography.yml
@sha qtq6v8062hJIyDJQIMcFd7lFSg1jrB4A+he4tZmT//I=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_susp_c2_commands.yml
@sha Y+6JIRRQ5aLBcM9jI/XQawgczr9Z3s62kGr9Jgh6Cs4=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_susp_cmds.yml
@sha qO0hRzihA/zDO4IDwkW5yQM968HT1HZMwwo0V9a6iNE=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_susp_exe_folders.yml
@sha nKvR59aAVhWzZ9X8JV18JhjKeyQeN3rFrlZ+c9ga3FQ=
@size 1528
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_susp_histfile_operations.yml
@sha lwiTPRHwzt3vD94wvhC913wPhIcr90Inczu5UymoFTk=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_system_info_discovery.yml
@sha EsiSV67pDIi5boMCE4LmCZARxRolD8MupNBAKc408HA=
@size 1063
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_system_info_discovery2.yml
@sha xIVgbMkXWERQJECMeFEWuzyNhxeWsTo6FXFDzFWJFN0=
@size 1085
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_system_shutdown_reboot.yml
@sha CpdVJ8hLjl91La1C6/O1nFfa43jJasdFVRRu7RBHqj8=
@size 894
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_systemd_service_creation.yml
@sha 07Y+d5q/092W8YYvLVHsAUJTQBSghkho7QsRJstXPsY=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_unix_shell_configuration_modification.yml
@sha wltOAZ5ilotRnhtD1Lcy2z2MOO4SrcG5BxyhMIP56Og=
@size 1726
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_unzip_hidden_zip_files_steganography.yml
@sha huqy+9K19+e75dr0ztHgSx6YXdTc7VggaIedwUW0W7s=
@size 636
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_user_discovery.yml
@sha /PTGkikzNu0Aj6NnT/3Nrj8hyuvfvdgnbVakjCeenK0=
@size 836
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/auditd/lnx_auditd_web_rce.yml
@sha 38EEBGYETtfkdQgOB+NdTeeT/5e/lmEP4jSiKwrI4vo=
@size 963
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/
opensearch/opensearch-security-analytics/rules/linux/builtin/auth/
opensearch/opensearch-security-analytics/rules/linux/builtin/auth/lnx_auth_pwnkit_local_privilege_escalation.yml
@sha 0wq1+NickWBUgffE8JZUCiiZ374+NfC4SZwaA0nv+Js=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/clamav/
opensearch/opensearch-security-analytics/rules/linux/builtin/clamav/lnx_clamav_relevant_message.yml
@sha +/suRHfnmESkcLB76b9eQWPkg2pkuXRN0ykAK54m4ic=
@size 649
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/cron/
opensearch/opensearch-security-analytics/rules/linux/builtin/cron/lnx_cron_crontab_file_modification.yml
@sha Ivyj6saiefCitMUOPZ8aQ9uyrHNCJfXCtnEer1R/BG0=
@size 562
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/guacamole/
opensearch/opensearch-security-analytics/rules/linux/builtin/guacamole/lnx_guacamole_susp_guacamole.yml
@sha A5kcnvOTlS1sE5PYHBKF73DHVEIKSB3+4kOXFViIarY=
@size 558
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_apt_equationgroup_lnx.yml
@sha S5pDd7TeLDfXaVSaDIRjmNp8VnsPnFt0lBxZj500new=
@size 2634
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_buffer_overflows.yml
@sha aoXDO4/7VC0zDn8ed+Zp/kro2ktQRdk4v7WpJxdsYI8=
@size 712
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_clear_syslog.yml
@sha J0uusf1de3WUdSG2F/DqsTgxWoa7GAdWzg/1FCCSVvs=
@size 855
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_file_copy.yml
@sha +de1dumgmGyn0yX6JkhgTJ3KYtf2tpcYD8W0X/NF2S4=
@size 595
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_ldso_preload_injection.yml
@sha 22ZlKPv1pZc+/pNxQ8A0Bj0Ja/G8h/TTLzhbcYhRh64=
@size 626
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_nimbuspwn_privilege_escalation_exploit.yml
@sha /vb7eFltlIH1owFx/2wuJd+R21It+0yJBv/wp3cQaiA=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_potential_susp_ebpf_activity.yml
@sha gBnu0JQQVpfXjIYSaH86C0xheVBRU7geBNANUvBZ69M=
@size 673
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_privileged_user_creation.yml
@sha B+RKGZqB5luUhWBE4MrVEbDzv6agcd52p6V9qpqUnzg=
@size 1666
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_shell_clear_cmd_history.yml
@sha har3Q8PQTe8Y7+MufbX2ao+x27aiwEnuLcR9XaCkRd0=
@size 2344
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_shell_susp_commands.yml
@sha NfIayKw9ttBoPGOnikITgm38I6cgm4D0aOurhskIsgo=
@size 1999
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_shell_susp_log_entries.yml
@sha xQczpCVCnsdvD9LrhFR+bqoPwtrRKS+AmtJmbx7qAJ4=
@size 754
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_shell_susp_rev_shells.yml
@sha F/KyaRISGoUvOorBzbB7XW7SjlzXSEFwhcUzdclUwNs=
@size 1818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_shellshock.yml
@sha 7x+cQHniSEtwOcIKvIJbxqMTFu8rvEEH6Q9tdqx78Qs=
@size 560
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_space_after_filename_.yml
@sha KHMbmhMCzeXoHEzW0/RTyfPe4/aCbl92/fHJmwAjDIo=
@size 478
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_susp_dev_tcp.yml
@sha +9owDC1H6EEp9XXPB29RIW754NfkHLs21xAnVIb6Ql8=
@size 992
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_susp_jexboss.yml
@sha 7kDnAvbgzqVkk+oz0vH/gGaWNB+gDCV7iYKnIKUdD4U=
@size 552
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/lnx_symlink_etc_passwd.yml
@sha eicGnhCphlNmeVZltmLzJlgTLqkbvQZMmuP01I3lh7M=
@size 575
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/sshd/
opensearch/opensearch-security-analytics/rules/linux/builtin/sshd/lnx_sshd_ssh_cve_2018_15473.yml
@sha nX5XpLDKePihRL438pc2F452ky4m5Vi86K0UE4tvDNc=
@size 618
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/sshd/lnx_sshd_susp_ssh.yml
@sha zOwOFIwyhi7zKOzHWOZeMHgV/V48NwmkA5PGo18XgG4=
@size 1187
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/sudo/
opensearch/opensearch-security-analytics/rules/linux/builtin/sudo/lnx_sudo_cve_2019_14287_user.yml
@sha aRxUINqhOroIsesZTBhLo0PEyQNjl7wN4ZMsf51ymMY=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/syslog/
opensearch/opensearch-security-analytics/rules/linux/builtin/syslog/lnx_syslog_security_tools_disabling_syslog.yml
@sha KGO79uqGhAgCoiLSt2/r5KKApK+Gt80FUBoB6tMzTG4=
@size 840
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/syslog/lnx_syslog_susp_named.yml
@sha nLUXgqW/roRaf+taQgxPDzxK8rU2HvC/ELDRC29CGOo=
@size 743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/builtin/vsftpd/
opensearch/opensearch-security-analytics/rules/linux/builtin/vsftpd/lnx_vsftpd_susp_error_messages.yml
@sha QPkP5Etd186MEKqY+8OEyMJEb3N3i4wK9XH2nbfwiyU=
@size 1281
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_doas_conf_creation.yml
@sha 0M4/oARTFSoD8uJYAvu5BGw2p/Zz3afkrEbU2eJd6QM=
@size 655
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_persistence_cron_files.yml
@sha KFheIsuy2ovDDqHiC4AW9chw5fAGo5+Fpr+dW/OFq4k=
@size 1103
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_persistence_sudoers_files.yml
@sha 6oNLa3Y6jFbqcfkSvmpdA24imcwlHKtxlpTXU2aEY3E=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_susp_shell_script_under_profile_directory.yml
@sha 2XXpNX+c02Ig+ixosEQK7USC8PEaqWx8uFaKO667hXg=
@size 1303
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_triple_cross_rootkit_lock_file.yml
@sha 8Xrxgx6EtgNiB7q8b0LwdHZyOsqT+gDJA/6i1tF17oQ=
@size 701
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_triple_cross_rootkit_persistence.yml
@sha H3Q+TAb8Y3luvLSEg/3mi9A27vlqP+r8HZI8SAH4BZc=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/file_event/file_event_lnx_wget_download_file_in_tmp_dir.yml
@sha s2jEqG8zukMKdFyMKAPy2W9hsQb3WP9y72xOE3bzPmg=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/network_connection/
opensearch/opensearch-security-analytics/rules/linux/network_connection/net_connection_lnx_back_connect_shell_dev.yml
@sha SXDRus2mLF2dS10gMF1NLZEwoi2kLrGMqnNd5+mwhho=
@size 841
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/network_connection/net_connection_lnx_crypto_mining_indicators.yml
@sha BEXZmGCNNYaHi0UT1wXlksyYVCw62bWgyA5VrqgA2FM=
@size 1296
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/network_connection/net_connection_lnx_ngrok_tunnel.yml
@sha iY8uWs95orIGpLyuIIxCGP1EJwPuVfiotMOD958mcCE=
@size 1132
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_at_command.yml
@sha bATGhVNarWcYwJaqNEeyv1XBf0g+fOYUFoPct85/tgc=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_base64_decode.yml
@sha fiEBP+NMvrekFq/0IhTt4NQXV0i9m9xvWmETkeJ6d98=
@size 704
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_base64_execution.yml
@sha HAAifcCRz1++kMkMWtp5mSJkn7d7yzoX/rxdTW4CJHE=
@size 987
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_base64_shebang_cli.yml
@sha fp1hMoVvBZZqPtBm0fHNJzTmVnhWDCz83y3mbcwI6dY=
@size 1014
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_bash_interactive_shell.yml
@sha PZSNx/oVXY+BZ7SY7E6wLw+kSINH/h9TBYtiSWcCdwM=
@size 613
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_bpf_kprob_tracing_enabled.yml
@sha x2B9/dvV4OP97sqKVQaORRg5tqC33FGxKfzBoNnwEEE=
@size 832
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_bpftrace_unsafe_option_usage.yml
@sha a7odPOt4mfamX1YobHLxkroJbhCTSts5rF1eQHFCfs8=
@size 632
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_capa_discovery.yml
@sha PBy8n/GyVeceo6xJkuPC16MZzBpPfYaetYweT7ugT58=
@size 812
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_cat_sudoers.yml
@sha ZjjIm9+WNY1QZ0w7MFmO1IQHBOEcuhIsDXi0GxSDmBI=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_chattr_immutable_removal.yml
@sha RZPUSI3hXw2zGnyeuStrwjM1jHFrmUdIBLzE/gEy50s=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_clear_logs.yml
@sha 6OHIIk/hg4Y2YtR5rg9kBdWvweZMqgzEDPSxmoD2Hjo=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_clear_syslog.yml
@sha aHAvCSLS7ty6w73eD+9Uja2/mJA/EV2ns7lZp0a2tfo=
@size 1203
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_clipboard_collection.yml
@sha OvEFWhpvxIAATv0TU5uSk1e1p4jU7451Gg5gVLL7SMQ=
@size 907
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_cp_passwd_or_shadow_tmp.yml
@sha GCEa2IzDx2DU+dN6RB+g4hy8Ft3TPz7Dzheb2os9foQ=
@size 763
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_crontab_enumeration.yml
@sha uEk4BbzLSRiTHuvYcWwRirQARCMpM8qOapvgWnHy9Xo=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_crontab_removal.yml
@sha eb9J3goWbbnkYdlk47k+j2YJ29vdGKxWdv9S4DeGAEE=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_crypto_mining.yml
@sha fYhF5tfUPSmsDNfLcnWnC0s0ryCFeg/F6CFYmfvtjq4=
@size 1386
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_curl_usage.yml
@sha 8x9B5pQcWNj94PsxnFAAfWYHBst+LkJDwDJ+PP6VM8g=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_cve_2022_26134_atlassian_confluence.yml
@sha geUl8VCDFWPqw37Z+KMKZxt/RMmRBZq7pYdWOn1eOIk=
@size 1176
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_cve_2022_33891_spark_shell_command_injection.yml
@sha HxWVqzsBB6ye+6DFbMh3qLUBlIZULooDNT7EHZbPOMM=
@size 925
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_dd_file_overwrite.yml
@sha Fwm5Cx0ZAus17ecxcN+XUkBjGjpUq13Sib4O7O3XIbI=
@size 910
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_dd_process_injection.yml
@sha BKNqUEe+o4IQsZZdUEqajepLu6avJ8Qb7PAd2s0BNrI=
@size 857
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_disable_ufw.yml
@sha hDTORQOzLO1lNB2df3kxipx05GzoSZw/MBbByw784Z0=
@size 758
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_doas_execution.yml
@sha cqqBS6NkBvYpDhLmsOhLYJZsn9WLB6VigsFrSwo1rEA=
@size 693
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_network_discovery.yml
@sha VSfcsTLnTW13JO+kxkhfxPX5QvfFxaZ8jMabut7i3TE=
@size 1018
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_permission_change_admin.yml
@sha mlMzmvfUwMDBhBRzCCnDZqblFEFjFDu+QrkT0LVf9ks=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_storage_discovery.yml
@sha 4lq9CwJ6gv3D8HZT084pmxRXaaoUFhReC3n8PF11e7A=
@size 1244
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_syslog_config_change.yml
@sha ZbxzA38iJ8RIFUnM81IzcI2frwDTG0hZP/qAz67nhEM=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_system_discovery.yml
@sha uBCV4bVLVgj6oY9aOQjCF8CnqdjYbTEbfE3ZOxyHeSw=
@size 1012
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_user_account_creation.yml
@sha ZMsR2OQgASnh8cGGjLBrxwMBKczki2afbW5cDuKdW9w=
@size 707
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_vm_discovery.yml
@sha 9bJ64CqSfSe1Nyip1IrWN+JuD6CPAveOpC9veeXWqnk=
@size 1089
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_vm_kill.yml
@sha Xcxhw8MgG1Gu2uBwbai5RyJCqXLMQQBCipf3uODS1Gg=
@size 1079
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_esxcli_vsan_discovery.yml
@sha dgXkUReg8+wdMnpsfalmkLiQJVs6/fl4CZiU2eUUrr4=
@size 1187
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_file_and_directory_discovery.yml
@sha aiEC06Nmjx8Y9a0x2E4l/gqTTMsuOgBjqERyFOwUvvY=
@size 995
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_file_deletion.yml
@sha upX9lky+915voVv+Zo8Ua1yJO09YpacVOLjhb6GE5ZM=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_grep_os_arch_discovery.yml
@sha 31mktjglo/DSPZXupEQfupFXIUkk1v60x/nuQX73r4Y=
@size 1153
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_groupdel.yml
@sha MMzz2MY+vGuXzAgx6U143M5PGZmklSS6U+kBsOzX9to=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_gtfobin_apt.yml
@sha xYeXJEJFXJbdv+HNE11it5WcYy0TycAn5oZOXqLL1B4=
@size 710
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_gtfobin_vim.yml
@sha dPoBykR4EEQyMxoWwxiVpT6jUxy5HAs/igJ0RxEY1ec=
@size 1049
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_install_root_certificate.yml
@sha IiuJTgSyjzAf4c5BnF3JgrVwcXpYxsZvoqF04Lc4M5k=
@size 798
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_install_suspicioua_packages.yml
@sha dcenzuQrizbsN1ST2cZjFBuxHHErihsW5SrmlGZaHsU=
@size 1438
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_iptables_flush_ufw.yml
@sha qwJ8dZNN7IYE3MsA702ZSwNSDgkv3Jck573XRBuVoBA=
@size 1255
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_kill_process.yml
@sha BzdVRudlgzL8ON5eKjCb59blWHoXJW3uEvHzJdZ/ijE=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_local_account.yml
@sha 1bHZfoGjhO4y2yvKjOrQOFtcbIG60mgZW0yLgNnpVFc=
@size 1208
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_local_groups.yml
@sha EJEkrHYnB4a0cj8iUyWQm60Bk2hy/MgW9pNLaV2xJX4=
@size 907
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_malware_gobrat_grep_payload_discovery.yml
@sha JzI2IOEUDh35adQqgEC1VfvcFLTT9uwlpU0ptYTpjF4=
@size 923
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_mkfifo_named_pipe_creation.yml
@sha 1HYJnP9T4Nyqgzrsj/lxxwQIid3IHn74+WYQc1msCpA=
@size 628
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_mkfifo_named_pipe_creation_susp_location.yml
@sha HeFCNx26vbzUTYRwBDYSjArRL8KqxpTJeFQCAnpVqEk=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_mount_hidepid.yml
@sha YXuQCWpPgSwXxSLKwhq8UmT9xLbcGPnv3/V6G0QB4TE=
@size 814
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_netcat_reverse_shell.yml
@sha 4Tk+gOu6NUs/JIbozwrS/NKcI28i4FiqkPzEoTFnIyg=
@size 1697
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_nohup.yml
@sha MzyLw+crIIdJH+NrYfsPSnRtz8851LYnRuDbQd5dXtQ=
@size 747
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_nohup_susp_execution.yml
@sha XSadeWDNcN6bRDCkbdFKGiDl/MUri08aU43qJwMLEqY=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_omigod_scx_runasprovider_executescript.yml
@sha RbnfKZYVzrZW75uN+lcg4qdAeqHKmGWGJ+hF9YKSS5c=
@size 1448
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_omigod_scx_runasprovider_executeshellcommand.yml
@sha dYG3KBgNT58hePCUY8SGI6lPz19oUHGXWC6irTomxo0=
@size 1219
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_perl_reverse_shell.yml
@sha j4wCdL7fvKLK2sGoEmXuxy2/A7godbv73fNhsb4P0NA=
@size 950
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_php_reverse_shell.yml
@sha 94CDMPsQPUTEgiZq5IGL1R4On2w+pWYZeWb1g/Z9p2E=
@size 1083
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_process_discovery.yml
@sha PS1bzucMVweAFuYybU/wnUAo0PGEXyhyJy6U07uGvu8=
@size 860
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_proxy_connection.yml
@sha 1Ih5FbJYf4kTYqJn0KJQny/UK8RyebnaAsAAaWhxvRQ=
@size 570
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_python_pty_spawn.yml
@sha x5KqJ1E5wggoFoIJ84kAL9qDH/fnTQ7/OLPS+u0mULQ=
@size 1137
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_python_reverse_shell.yml
@sha iHw0fY7gNR1kZDFU+RyMKZgrarnuAYxpaKP0y2OBpYI=
@size 857
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_remote_access_tools_teamviewer_incoming_connection.yml
@sha IhMbZYo5xVkyF3iXvC12EZc7SCB/G+IYBFs/W0H8pho=
@size 1041
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_remote_system_discovery.yml
@sha Vl+wobT5+g2KI7ZIk8QQDCgUAwAVWj+Y5NdPoYCk8L8=
@size 1321
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_remove_package.yml
@sha 1w4+221US3TsOuDZ3Of80r5puCve2VGl5/aMZqCU6MY=
@size 1351
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_ruby_reverse_shell.yml
@sha X58mO5yO33C+R66IqW2dHOuwmFWoXkcGHUBQd4WERH0=
@size 944
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_schedule_task_job_cron.yml
@sha kFY5RFBhArskU5BK/WQSpTI+1hqzL8RSGOFYmRh6zR0=
@size 877
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_security_software_discovery.yml
@sha qv7EYRaUX0cYx/GGPNbBfUcTw/0skJAUyosP2OHsam4=
@size 1283
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_security_tools_disabling.yml
@sha nWTsUQObPOhX5HwwtoQ1Oyipgm/3QzuoJRc7e+rzKy0=
@size 2446
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_services_stop_and_disable.yml
@sha 3J52YdwsBgykVuUl171WJ0mwGRpQSuT2eQlmxgu93KU=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_setgid_setuid.yml
@sha b90wbABY2rXF7ILWUym8FV7nrx8bCLKol307RMM5V70=
@size 818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_ssm_agent_abuse.yml
@sha FrbkpdeoJ1HmdEQ7f437GtyzkDClKx383UfmYdHNU+g=
@size 1030
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_sudo_cve_2019_14287.yml
@sha 77FI6n5jTROLSadsl13fjnzp7w+JypfsESQCTc4Xue8=
@size 767
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_chmod_directories.yml
@sha zm35snci3yM2IC/dvDg+T+EbQziKekTA0ltVvY+dyu8=
@size 853
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_container_residence_discovery.yml
@sha egKaBTl3422EvF+Cq8ij/C5lmrpQmtuMPlVgC4so498=
@size 1430
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_curl_fileupload.yml
@sha MQ4OSjBatzCP214C9VmamMQYBN5Was9rGPj+frzX5SI=
@size 1673
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_curl_useragent.yml
@sha iIDZR/xUyre9nOYpXeRYYETkF3lXJfgTHFdEccG9u/I=
@size 783
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_dockerenv_recon.yml
@sha 0yCuhpwANrcYhAO+709Xky6f1gvpRUNYUnqTnAr/HnU=
@size 1137
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_execution_tmp_folder.yml
@sha c9faXpoqyNOzwQ3BrqNbcS7cA8Jq/W1pB2WQgrYRS8E=
@size 883
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_find_execution.yml
@sha W0Vh+r5RFmM+u3v36iHkDPXe8cTECWql4X6LQ3v+yJw=
@size 906
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_git_clone.yml
@sha u2h37iI0tgB/wV7C6kPhEmF9fYN+3U/bIH75hsLy1qU=
@size 1262
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_history_delete.yml
@sha watvgCO+ajANrMRD0z9GaaRq3/5gGEbt8/2EowbiQSg=
@size 1053
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_history_recon.yml
@sha RTv1q5R8uhOACDVAubtFshGQnMNNlbad2TchqDDpx0w=
@size 1106
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_hktl_execution.yml
@sha 4bo8eQ2Eto4hptUGYalYux63Ox86C3MSbOaPghqqZvE=
@size 2947
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_inod_listing.yml
@sha JvAeo5kDaere00SxWU2uZtLUsG5IyUROM/6977/qmt8=
@size 1137
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_interactive_bash.yml
@sha Upa2rGnVh9FxY/qmgGo9fS3qqFkh1OA8mYak+GFuvmw=
@size 906
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_java_children.yml
@sha mYGkEsGUkOmsGKIh13lB1fXn3UkH+rRXexX9jKv3qKk=
@size 783
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_network_utilities_execution.yml
@sha FvT8EWN3LiOPHBsCwbiqKmVK5VzqImV+7DkepdidVK4=
@size 1537
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_pipe_shell.yml
@sha QSLtXD83mJsv1ShRX2frLz0ZPUc6L+3R8R6zuhesGb8=
@size 956
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_recon_indicators.yml
@sha 56p/giZsog9ftChW7gyqvU1IHypOF1UAOUvmx3mhNuY=
@size 763
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_sensitive_file_access.yml
@sha IJ82Pngb7fuCucqVYj0mLDgecreNz5OXTipGtncsd/4=
@size 1667
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_shell_child_process_from_parent_tmp_folder.yml
@sha HUZqwLe3y53VJQTqppvIo+ljeOuD0dqB1DjFyHCipkE=
@size 1044
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_susp_shell_script_exec_from_susp_location.yml
@sha sol2cg18URBHe7XuXWs02VMijsWDOZ0fHsJHiYXem9k=
@size 1227
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_system_info_discovery.yml
@sha IsdzJ2cqjD1HNCcoRHpR/g/7HiqjRv0rQGYGaRr2ApU=
@size 793
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_system_network_connections_discovery.yml
@sha QQWAOKRbmlESKI2WGTDiKymEAamtb5DslvFZJY3XScE=
@size 904
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_system_network_discovery.yml
@sha PJij3lTGDA319D0irEg1wo9NiOAyUOWpl46rP9zgZ4I=
@size 950
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_touch_susp.yml
@sha x4JrMXbX3cl1MR6uIc6h+0vSkuu9B4ghnQOfRZ7oA3c=
@size 680
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_triple_cross_rootkit_execve_hijack.yml
@sha /6GBND9ZI4g2QbdtNOgJD8oRqQH8Clc4gu/+HZBTE64=
@size 740
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_triple_cross_rootkit_install.yml
@sha /rY3sZdtw0pAd/sBnese6pm1hkdVYxVHlP5cFjXW5EQ=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_userdel.yml
@sha Xtyn7uh1ahfFqcupr3/4IwC2qcDxfvU3EgUx/SzcmDA=
@size 839
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_usermod_susp_group.yml
@sha DqxfuVaRx5PU2w/IAsAhWXAaBMe+u7hX527iPyGh29E=
@size 836
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_webshell_detection.yml
@sha zVnvy1dVHNnps0Z6KbacJnMjgTHOMG5qQkA3MOauS6s=
@size 1529
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_wget_download_suspicious_directory.yml
@sha poMIQin8UBE14uPYnJ8/iwB9oZAQJ0NCjjigpSFMfuY=
@size 1122
@ts 1768594064
opensearch/opensearch-security-analytics/rules/linux/process_creation/proc_creation_lnx_xterm_reverse_shell.yml
@sha fiSP+z3Jwwy/NEOF/rIOW6U+5kAZ8QdJTcGkIyxoyIM=
@size 635
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/
opensearch/opensearch-security-analytics/rules/m365/microsoft365_activity_by_terminated_user.yml
@sha LqKD3VXYpKM48P3E/EuGHxp1O2zErLlK6SLYei/BA/U=
@size 1023
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_activity_from_anonymous_ip_addresses.yml
@sha gyy5neHddH38NWCByFZeBQxAY1gazdCvONCM61w5dDU=
@size 877
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_activity_from_infrequent_country.yml
@sha SyT1sc7Fsjyk9MiLZ1oq2co6340YBMa6t8jV+4dW6so=
@size 861
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_data_exfiltration_to_unsanctioned_app.yml
@sha zPw5JTlyUPxw1UGTUC4LwTPdI9Px6ufTN8TQGRo6sMQ=
@size 915
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_disabling_mfa.yml
@sha 7kmvpuAy30oPg8gXpZJEjaUoIEGLF/3wg6Md3l2nCTw=
@size 620
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_from_susp_ip_addresses.yml
@sha OF/MsmHDQOP2MqhaCowJ03WbjrCHO4bt7DyN80a+1eo=
@size 971
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_impossible_travel_activity.yml
@sha sc4O4UmdSsiQbfeGratrPt797Vwv9lmR/h5ndtOnoQw=
@size 826
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_logon_from_risky_ip_address.yml
@sha kQe7qAD0fGlzrKvEh8k8bylT0/CpWblJfXuZWfSHXdg=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_new_federated_domain_added.yml
@sha uJcOC+fywN4Vr46kQHTqVCO9jrm1qn8IzgI/wXK5/9o=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_new_federated_domain_added_audit.yml
@sha ob6Etv0WV7rE3o+7JNoVF82V1g3KtkBTQiOBbYyJfCc=
@size 1054
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_new_federated_domain_added_exchange.yml
@sha 4Mh/D6/ytqznagHzBW+Cn6tn9qa4uCdQXcg3udbbixE=
@size 1206
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_potential_ransomware_activity.yml
@sha KmGmFpzj2U3vDiyOHfBWLQRxanqdYr3mlLaEPjERuEc=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_pst_export_alert.yml
@sha AaX90ZeopV2s64LDVnb+GUU2BButmpkQnXIEJoPMvVI=
@size 1058
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_pst_export_alert_using_new_compliancesearchaction.yml
@sha 5406Hm9GOXP8uVUfQ87R5nQ16TgOJ/TGvkXtgLcVJu4=
@size 1167
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_susp_inbox_forwarding.yml
@sha FwivX4yxBsN5W502SKg+d7AgNcEig2usplcgc91I5G4=
@size 869
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_susp_oauth_app_file_download_activities.yml
@sha PFGpMTEUoA+LcJ6wIIPipyjm+sAAXWQhXEpCiMmb2d0=
@size 877
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_unusual_volume_of_file_deletion.yml
@sha QQGy0+daSOiv00eLBozRc5VTT1UVQ5P8ZAay7ECklaQ=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/m365/microsoft365_user_restricted_from_sending_email.yml
@sha 8EZKShu9QWT6lNKhPp18ktKgmSvDQWxLJ1w/FkilJW4=
@size 867
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/
opensearch/opensearch-security-analytics/rules/network/cisco/
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_clear_logs.yml
@sha s390OANW84WDr5GqJC3LiJr5I0y3qDJ50LWKdA/Ytnk=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_collect_data.yml
@sha uYkYGuDjvCV82E7IAttfTC7SUpRrZ3G+3uA5DhbB6DE=
@size 955
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_crypto_actions.yml
@sha 0xei+nhDtFMOpxEOEXWnPyKsqVTdH/gBWb6GJ2kTFUk=
@size 797
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_disable_logging.yml
@sha gZpT9H++D2shJ9FYfrnvhtq4IRpTu3/KOKvN4f5frWE=
@size 618
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_discovery.yml
@sha 7TWZiMg+uXXO1zWsqM21wTf5eePGeN0b/LCovfCVt0k=
@size 979
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_dos.yml
@sha RMNH1kGicNbcMHwibZuv4nKXB0ZGIVG+U5pZUrDReL8=
@size 616
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_file_deletion.yml
@sha 9LVxRdVg+Pn/Nlmsy5Jbd/27V2sfcfzcz7I4adM5VT0=
@size 606
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_input_capture.yml
@sha XkXSSD61T8oloS7KM5Slk/WIMIz52pMmJ4M9u19Li/0=
@size 636
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_local_accounts.yml
@sha XZDjzXnQzoRThAEIf2zE8j4YAXKp4atfkIqA54HF5Ag=
@size 578
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_modify_config.yml
@sha g2pHNug4WYRB3crR4q3OVKVn2ryP1vSTUoHssOZH+Og=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_moving_data.yml
@sha 2WDshNJQ1r05/Q24A5lsFWLLjUNU8xqGt4ROHtD7xFs=
@size 720
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/aaa/cisco_cli_net_sniff.yml
@sha rJ4KY6zvrYFbnRyksf1SmIqC0r5Leit2N8TPe6SXaJs=
@size 593
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/bgp/
opensearch/opensearch-security-analytics/rules/network/cisco/bgp/cisco_bgp_md5_auth_failed.yml
@sha Y1vAfdE08M14s0hM6DQT4rynbZZhggMVEQn+PHsarmw=
@size 994
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/cisco/ldp/
opensearch/opensearch-security-analytics/rules/network/cisco/ldp/cisco_ldp_md5_auth_failed.yml
@sha 5Wp9t3iYO2Bpxb5RjHoFUETMMl1CPgCfqs64bT+43yI=
@size 1034
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/firewall/
opensearch/opensearch-security-analytics/rules/network/firewall/net_firewall_cleartext_protocols.yml
@sha ggaNjUrbdQdP2xcpk/ceu1LOvi7d1FX8keV0nImQZTM=
@size 2529
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/firewall/net_firewall_high_dns_bytes_out.yml
@sha yV8XXIWqejD4AONyc4aqUrQTDVeNWM1XZiM/52awFfc=
@size 548
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/firewall/net_firewall_high_dns_requests_rate.yml
@sha +O+esbZXmS1gzNWHlVqNWR/gKs2X56SBS5g5ONSighk=
@size 602
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/firewall/net_firewall_susp_network_scan_by_ip.yml
@sha F3jZ61hboolg1PuweBkFr+IE39GZGt0Y+lkb0EOyD2A=
@size 524
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/firewall/net_firewall_susp_network_scan_by_port.yml
@sha 2euYAwUN9/nnh17FEA4NVnPGA8GiNQOP9FXxukBb5p0=
@size 560
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_domain_user_enumeration.yml
@sha +1z8XrIdN9HQWAnT8NcFzbBG/3+a3s8HTmzeV03rs4E=
@size 2149
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_mitre_bzar_execution.yml
@sha 5Xz7t591wLKBHuFHw1wgX1oeJHtgNeL01DhRtGAVDGc=
@size 1516
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_mitre_bzar_persistence.yml
@sha fLQBcsPNeCAxAsEpglMRnl5JRro/lmIIMUQd/8c+rAQ=
@size 1221
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_potential_petit_potam_efs_rpc_call.yml
@sha RUt/c20njeEWRRi/YGg7gdVRSw9iKTJjJOnJkZieUO4=
@size 1660
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_printnightmare_print_driver_install.yml
@sha J6jhV2fTHu6aReo3/aFTooSq5F4eyYY52K10dEQbxQI=
@size 2040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dce_rpc_smb_spoolss_named_pipe.yml
@sha 3bk+ZbEOLwL4J2Z9Mi7LtDBmdGl4LPUKJs+E8b5jtO8=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_default_cobalt_strike_certificate.yml
@sha ex7y0gvxqzNz/9woLaBVyaH33SgtCXmr4DeE7xBdo1E=
@size 712
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dns_mining_pools.yml
@sha NEpGK7NvVxHL+f/ZHueUmPc/Neh+rq7YNi51INBvkkI=
@size 3402
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dns_nkn.yml
@sha Rf4GklbEiE35cSVpxnQg4SkoiqzSsnmaowDBmkQmlnA=
@size 870
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dns_susp_zbit_flag.yml
@sha WAQ1UId/Q92A6NKPK0yGiPOsY7y3RXk7zmpZw6VsqtM=
@size 2453
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_dns_torproxy.yml
@sha l0E9FRmoMu5SD2VePJ3IIEzY5EoQWu1pt7PIByZqDTs=
@size 1525
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_http_executable_download_from_webdav.yml
@sha D/M7rWo+pmR7qKCYzWNLVphjExTvNK213M11XScXD+4=
@size 902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_http_omigod_no_auth_rce.yml
@sha yEI8qHkeqdvi5iQBq0qpQgdFwtr6BheJTx4Qe95lDng=
@size 2657
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_http_webdav_put_request.yml
@sha LW1XqKj/woRsvaU6xSbQhjlFATDRKAL+LX5Fw75IpVA=
@size 856
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_rdp_public_listener.yml
@sha BlZUeT7847eBU1fOmTct19lamufHO+/eYKUEpqcBvP0=
@size 1122
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_atsvc_task.yml
@sha nZ+fFXAWKI06cCzxK5NsyqIwGn3DPWP2SChX1ENS/lA=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_impacket_secretdump.yml
@sha rFyDI/jwITILMjEXWaAtGVSgVqzBTjKlrjNtXxXvXdk=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_lm_namedpipe.yml
@sha bcVrjPxgIdZPIxdzNNm2C98uTvtvOBcAMzokElLoxfo=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_susp_psexec.yml
@sha bWnyOXVIEkdeHm2T9ExDvTCDr7sqYxG12Y99Ydfoxt4=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_susp_raccess_sensitive_fext.yml
@sha FmpM2EH+FjfRflh+HMSeXNcnprODkpWGyQaCw3P5Ot8=
@size 967
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_smb_converted_win_transferring_files_with_credential_data.yml
@sha Jai4JSpvhmn5Q7mCy7KsY8BSCHNVafEnV0b2qokPFPQ=
@size 1086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/network/zeek/zeek_susp_kerberos_rc4.yml
@sha fh+BFhwnZ1RvsLc2UjoQZCYFTniryrys3+Bq5Pp0D9U=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/
opensearch/opensearch-security-analytics/rules/okta/okta_admin_role_assigned_to_user_or_group.yml
@sha 1aLkwRi1v8WyPLUfGYDAwwSLugeoD0j8c48fSLWodo0=
@size 771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_admin_role_assignment_created.yml
@sha T8/KWhE9MmRCnVG0KUiJeP/OPcub4IAH6T9Gbsn3ADA=
@size 684
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_api_token_created.yml
@sha OrQJRQNQ0H8B3HfszxiQ9G+yczzX2bjqlZjf5/GKMLI=
@size 612
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_api_token_revoked.yml
@sha n51HRL0DGNVA1JfnjmN+3TZvFby/2YTK1TXo7NTw0zc=
@size 561
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_application_modified_or_deleted.yml
@sha j5OreZZLcFRBPanbRzGXyu+KzBgCXeIddCC8pLF88YQ=
@size 652
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_application_sign_on_policy_modified_or_deleted.yml
@sha ILqF9NgoP/+qDL8fwERvrZLz6TflRA1Vtls3PZTTHiA=
@size 696
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_mfa_reset_or_deactivated.yml
@sha JPygJNcALd+oHbYGiGMj1sgukU7x11fOg7OBLw0sGyg=
@size 797
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_network_zone_deactivated_or_deleted.yml
@sha P3TohDoot5lJ8U39no1cmv4BDDlHfkMlaVezWsTrXcI=
@size 630
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_policy_modified_or_deleted.yml
@sha MFkk777SZekXiSAKyLWeYsIbG/xZqKdx3Kz5CQOrmso=
@size 989
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_policy_rule_modified_or_deleted.yml
@sha i+h5zO3hYLdoX08dfmyWXZrAMMvQHi+IJ5j6tEe1fhw=
@size 632
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_security_threat_detected.yml
@sha UFLS8do0U7khpU0AJvs/c6Gox3pYuUuNjxCQavHnZgU=
@size 683
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_unauthorized_access_to_app.yml
@sha mK5jWj9ESN+ac4lM+OEAGtlFQ7ZdjI8Kd5CkIpABwaE=
@size 639
@ts 1768594064
opensearch/opensearch-security-analytics/rules/okta/okta_user_account_locked_out.yml
@sha ehW3rWh1HbARQzeCJieU2Dxi5hZt/TcsD7aaIxcgwsw=
@size 603
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/
opensearch/opensearch-security-analytics/rules/others_application/antivirus/
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_exploiting.yml
@sha mP+vV/RvCsHrV46VLfR1PVK3Ol4gSMgXAwC/oFrYI3U=
@size 943
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_hacktool.yml
@sha h8t5CYXguV9jO4i5CfjiJMHfOIMMdtr6VcztTRFjpXA=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_password_dumper.yml
@sha kiMedRFTkX68dw8hBv/qGWO07vB1JaG3smgQNbQUzMk=
@size 994
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_printernightmare_cve_2021_34527.yml
@sha CPT+Xw51N8HW/s7Hkpva+Hkrq7Kd/zTcXM3t6vsnUFQ=
@size 1077
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_ransomware.yml
@sha kvTAjwWQnscMzN9x/KGhIpraD/a/wwE/83fMHKSoC+w=
@size 487
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_relevant_files.yml
@sha 0zdi2iHoc0xM06aCex2O2J6anSNut/3iGaawUusk8g0=
@size 1864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/antivirus/av_webshell.yml
@sha S3lMmR3NTqem+77tf/om0lSD8VLI6GEvCSLVsvzTbSY=
@size 2868
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/django/
opensearch/opensearch-security-analytics/rules/others_application/django/appframework_django_exceptions.yml
@sha eFdK9QramK2r6EuuTVlZuYnH/qbdh4fHceAOZ1OpAww=
@size 1087
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/python/
opensearch/opensearch-security-analytics/rules/others_application/python/app_python_sql_exceptions.yml
@sha bTyvPZnPvJv494Xz2//p2SaYKmF041/y4xyzxUFlP4w=
@size 603
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_atsvc_lateral_movement.yml
@sha v/9dUSxEFpUOfjKjpkXvEN24f1QF3yKUuNR+2GmtItc=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_atsvc_recon.yml
@sha bUkXr7zzbsvC7q5zU9mFOfWaSguR/n90ndtED66AnyI=
@size 1185
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_dcsync_attack.yml
@sha Ki64nOh7YMkwdGx7i6HtTXCC5oYAoqs7uMN5bJ5GiAA=
@size 1259
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_efs_abuse.yml
@sha 34fSypkNziaTKrMu9Awk96kEgDpXrvl+TwTvpxoOwBs=
@size 1208
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_eventlog_recon.yml
@sha H+x8CEBWC6nd7IdC97JRwOHrlYzZW8px3FZbc2EyTpw=
@size 1050
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_itaskschedulerservice_lateral_movement.yml
@sha emAEllRMuQuJjgfcuH133o8WN3YIacMnoGsw/QRfhTU=
@size 1359
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_itaskschedulerservice_recon.yml
@sha D7abHJtrkka5F6un36XdOHZeOsgbiQJEvm4FI3PpjiM=
@size 1231
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_printing_lateral_movement.yml
@sha W3UWWqRI6LQ0+Cj1iMkqJ6SKEE/ADJirG7W3CxqJ4+U=
@size 1600
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_remote_dcom_or_wmi.yml
@sha jOENG0xW9u6q2LRHA8VSZhpXe1ZNxf/nYMoB1vueiTM=
@size 1497
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_remote_registry_lateral_movement.yml
@sha 1rCbEeH0zf9zCHPkewslmpYC+GXaVTZCnU6U1jQKED0=
@size 1342
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_remote_registry_recon.yml
@sha qJQfycDCO+DcINzf1phyJimCVfVTXGk2n/1/9FqTNZw=
@size 1225
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_remote_server_service_abuse.yml
@sha zQfjxHdZyr3tTcA2LHkxu6epeeBNWE99IqZkJ/ay2OM=
@size 1126
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_remote_service_lateral_movement.yml
@sha Mi8fvzjBwWdg+781zNnkZG7hkGLMbFvSJTd1GJqAcM4=
@size 1230
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_sasec_lateral_movement.yml
@sha YIj8KzYUMWOFhL7DxYvvpIzfgAKp3z32R2bh1DJRr+E=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_sasec_recon.yml
@sha csKrU3hyhdTx8+pBrjkrN0zW0KCPVpcrfT5NXNyZ370=
@size 1146
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_sharphound_recon_account.yml
@sha nghELn1bZubeRHmp1HU3+fY17UrJdqnkXcuX+zjVSr4=
@size 1141
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/rpc_firewall/rpc_firewall_sharphound_recon_sessions.yml
@sha 8/3KdNTRvTdPukBMI8mzjh0mvLzg9RR1Cj0vxdS2cGY=
@size 1134
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/ruby/
opensearch/opensearch-security-analytics/rules/others_application/ruby/appframework_ruby_on_rails_exceptions.yml
@sha CV5NFzj0Wj+W8ldq8Fz0XVCO+ZJewRMAMuskbkAKMqY=
@size 1057
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/spring/
opensearch/opensearch-security-analytics/rules/others_application/spring/appframework_spring_exceptions.yml
@sha ylg+w5Vo9If0r+s0U4dSekLiaw42Cu6Q0UhP6v1fQ7c=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_application/sql/
opensearch/opensearch-security-analytics/rules/others_application/sql/app_sqlinjection_errors.yml
@sha KlYjGFVE/I52izs4Qz3BdV4jFpc+5p3thwqO/csrCCo=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_apt/
opensearch/opensearch-security-analytics/rules/others_apt/apt_silence_downloader_v3.yml
@sha PL42t6w7VhmEUEyGX8M5n2iNNPUYGzILMGam2XPLfEU=
@size 1033
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_apt/apt_silence_eda.yml
@sha u1vpwNShx2DqaCAhSTEddierzl5b1FZ+56TSX8u16MA=
@size 1120
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/
opensearch/opensearch-security-analytics/rules/others_cloud/azure/
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_aad_secops_signin_failure_bad_password_threshold.yml
@sha Pg0dA7pDdxhuI+efKFo+zICYn4O+Mh3A3//2PRplEoo=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_aadhybridhealth_adfs_new_server.yml
@sha 0rGupGv10A+MU+7TFV95Q2LZm2H7ctZi8LUm4sgE3nc=
@size 1186
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_aadhybridhealth_adfs_service_delete.yml
@sha eIR9pw1YmJdl51TtpvRX2m1I8i3M7N6aAh4acg3ta0g=
@size 1146
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_account_lockout.yml
@sha ZlvylfWcElirMBKC0i4D6DbXwQFAbjcbeXy5AfuSMtM=
@size 603
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_bitlocker_key_retrieval.yml
@sha /mQ1JIFhGrbsYAzzVvTylI6K6vPubwwG1xh2AuyblJ4=
@size 597
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_device_registration_or_join_without_mfa.yml
@sha 8YMfq00jV7NQC7fLWVqj+7NOd4rej9e8LuTkVGFTOZ0=
@size 795
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_device_registration_policy_changes.yml
@sha Pj1GKEHeTRnqyrflC5KLEaqjnt9b944qsBg6dIOniHU=
@size 678
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_sign_ins_from_noncompliant_devices.yml
@sha MpyOU0W8o+s29NC674cJdUt5ldSfLkN+q2CNwHCUrXw=
@size 605
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_sign_ins_from_unknown_devices.yml
@sha sHcNEO3e/+3yxsHDQggiVdw1CCu3bB71B2tE+Kz1zuo=
@size 710
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_user_added_to_admin_role.yml
@sha YOLN9/TKMLw9xowsKrAMyOYArZHxED5547QgRuNJqOg=
@size 874
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_ad_users_added_to_device_admin_roles.yml
@sha 0BBgCmBy/oDrSRqI+k5gmtwKGyvWuJHirVAt3HuqZLw=
@size 786
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_appid_uri_changes.yml
@sha lzkczxzY1XP+r4/MDC3LIHyuQMW+jFkFShcjywriVaQ=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_credential_added.yml
@sha L1U57Kr8KInncdyIOjsc6F/sqTvVFN5UuTvjUj2m3VE=
@size 928
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_credential_modification.yml
@sha QTN9dFtxxQZyBZ1wp5WbUAI+NRfg/dgBhaOdOZqIoGQ=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_device_code_authentication.yml
@sha siBWxQVhUXlrUktvv4pf6J/HH6w2NE3kRSAIbk4Qgq8=
@size 1128
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_owner_added.yml
@sha fKmF7OMUclS00AvG+VSj1LWbCkaqcROJeS7L54lTRBY=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_ropc_authentication.yml
@sha jHS/khwoPI0LMP8r4tbqBeesEDfMYUymK6ldHJVHbFA=
@size 1083
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_app_uri_modifications.yml
@sha gV11bCor/EhWN1aWqfdVRHL/OYFUUvaLrBOJi3Vsz9c=
@size 1053
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_application_deleted.yml
@sha SOeEzldwvpBseQMNIcHOVeS0bUw6wIxwuvW0bAWdU7Q=
@size 950
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_application_gateway_modified_or_deleted.yml
@sha 3L4qwvKawgQ5U+y+StnVc5g+hXAtE7Nuc5Qt6yqifLM=
@size 1018
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_application_security_group_modified_or_deleted.yml
@sha zQk0HK0XPxlEaLeZfFnqlTud6RckEhWuNg/5nAT3tdk=
@size 1058
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_blocked_account_attempt.yml
@sha 2yUGRdPDbFL8fh16RdcKZS0goYc2LDSPDT13hmUWXD0=
@size 743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_change_to_authentication_method.yml
@sha ppT1uWX07981+XIEraPfcQlpYVTmunEiDDamAEVnqAA=
@size 714
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_conditional_access_failure.yml
@sha ESwX9R/G9X+1RH/kdyJvcVr9RELlGohZr60+Gks33NU=
@size 777
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_container_registry_created_or_deleted.yml
@sha WDn+HbyDFikDUqHYfnL9gaplzbToW9ou213z9uXZVoc=
@size 1402
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_creating_number_of_resources_detection.yml
@sha pyVybYveZPZeuOfXhcRSb8w+b5Di3sTssvj084oHRYo=
@size 681
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_device_no_longer_managed_or_compliant.yml
@sha 3T6O3/RX4GHrxn3F1RN3z7LlD53H8lIrYSy9hDcPM7Q=
@size 707
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_device_or_configuration_modified_or_deleted.yml
@sha N2a8LB2Bh77zvg7wgp6XYsZRVGiLz6ttphyJuTwTL8Y=
@size 1124
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_dns_zone_modified_or_deleted.yml
@sha vObrt4hG8uUCUVtq1lVa0P4w4HdIiaR7Eux9gQj6nFI=
@size 992
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_federation_modified.yml
@sha rOwWcGdHLe/tTgakQ9y4db/QGFoIWN5XKyYmb22wlqk=
@size 1050
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_firewall_modified_or_deleted.yml
@sha JHZ+Ri67jKBr+CElC6+dqHrtbOH28Wuzt0EQ0YClyZs=
@size 985
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_firewall_rule_collection_modified_or_deleted.yml
@sha 3uO1jr1qUlj8/VjOeuNCwoIn7Q3+K2ZwMDxFwlU4FFA=
@size 1467
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_granting_permission_detection.yml
@sha 1TxzURPUA0bTRylr8nG4lq93HaCW6k1QOP1Ybu+4ttg=
@size 673
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_keyvault_key_modified_or_deleted.yml
@sha TDdfyc4hcvbTZfcIkbhLciQsQbBLEgo4geWxGM6tKiw=
@size 1469
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_keyvault_modified_or_deleted.yml
@sha yklX1I6+31nTGqVTMJ1NZi5qFTGflYkBolSesS+z6Lc=
@size 1156
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_keyvault_secrets_modified_or_deleted.yml
@sha ZnhQUivX/TcoLOIkpLqzImc5XR6nhz4HE5othFYvd0U=
@size 1442
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_admission_controller.yml
@sha znveSdubqrDqDtlYmGd44qAIu0FZcUu53gQvIHLobbg=
@size 2136
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_cluster_created_or_deleted.yml
@sha /Cm/RCjI/fryjWt9HUmvczjF/SlOKjZ9XeuxPj9dw60=
@size 1409
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_cronjob.yml
@sha RVl9/QZFYQ9IFL4y998rxKw/Z4iOc2DEpWiQHQbVrp0=
@size 1756
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_events_deleted.yml
@sha B3lrX7Oq6HUg+SYUy/pW6kNCdhApaNUitjG0dlpaxpc=
@size 1267
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_network_policy_change.yml
@sha HWLQJbfwflZBC2SdPCS6+V0mQgxwfNsyk/eDgxL5zQw=
@size 1691
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_pods_deleted.yml
@sha STzWTsbwU2CvFH/9i3lqWYe/1lXcvUrkiQyZCdP+kJM=
@size 1081
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_role_access.yml
@sha PUigfQ4aUW1gjAcRZBSlpYKeE3c0qLwwqHoEjxyvvSw=
@size 2076
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_rolebinding_modified_or_deleted.yml
@sha QNm7fk8Q0tWKYLeU0+/MKkzI9gr0mTyFrooCMNARK2g=
@size 1801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_secret_or_config_object_access.yml
@sha zmg6G5PaF+pSEa1HB0DVXyGvOFPPteFSj8U0d/PK/fQ=
@size 1563
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_kubernetes_service_account_modified_or_deleted.yml
@sha 0Ss1qdGjvebEGDP3zVFKI5dqujp1eEPyZuh8+dq+DiQ=
@size 1531
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_login_to_disabled_account.yml
@sha ixSo9ZTxvAEjlT7DlppTjgX6/Lea5NkvV/yAnZvsrAA=
@size 634
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_mfa_denies.yml
@sha fNOmkoonnh+ksv52yK7pUtW81ypDT+ODGT1Zd4dNkxs=
@size 777
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_mfa_disabled.yml
@sha it4JaFcZpbV4nNeWoIEQwy/t6UuSuaA8GlHOhsd7UU4=
@size 823
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_mfa_interrupted.yml
@sha vodxz/b4LsCx9im9oJ4X/0+tA2KZc6Oo12w0zLvicRg=
@size 863
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_network_firewall_policy_modified_or_deleted.yml
@sha UBR3jR6VXQCGiDjNVD2VI9gUeQiurcutCu5txmA5pdY=
@size 1145
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_network_firewall_rule_modified_or_deleted.yml
@sha Q5EDXbhFDT0y+KKO4u5H/Cd1f99Vp7LnASo5VGoaj84=
@size 1230
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_network_p2s_vpn_modified_or_deleted.yml
@sha b+izm0HXlCc6YyohpMai88RmycIdZB+1iwOr2t3vMHU=
@size 1327
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_network_security_modified_or_deleted.yml
@sha P2NdzSYBNudMkBdFlGBlj3GSaluLQlfgl+HT+JjEU+0=
@size 1400
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_network_virtual_device_modified_or_deleted.yml
@sha IMZ1ibM3Ljxl5oSyXnafzPRCNmDR0T2zkWlw8xuvkuw=
@size 1681
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_new_cloudshell_created.yml
@sha ZMRoOlPbmkHhhhNxkIYbiDXf3E9HWbHKp1MMQRhBauk=
@size 633
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_owner_removed_from_application_or_service_principal.yml
@sha SAt2cxk1wo7wAJcTCXH3bclnv2pwDYf+tYwUNYOI22Y=
@size 1031
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_rare_operations.yml
@sha 1q7+LGSAIK/4BcXkequ0zGm/KB/aXg5TqMsBhksIAfk=
@size 965
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_service_principal_created.yml
@sha kZcq+7E3QLQ0+Pxu3B6zL2Gj7xuk25tKkrlgW9cojEQ=
@size 927
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_service_principal_removed.yml
@sha JiQDRPETfJA7LF/stty0v1mCdPVg8m7W0KfEKmQameA=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_subscription_permissions_elevation_via_activitylogs.yml
@sha ok+B3Yyo5ubgrnqIjlac8agfM6e5Qbb9qIrgczp6oPs=
@size 859
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_subscription_permissions_elevation_via_auditlogs.yml
@sha 102Pcmy36IDLDc3BWVBxpLjq4wZaBGzelkIWFhsGDhc=
@size 883
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_suppression_rule_created.yml
@sha IKsgpM6+qO7PYu2zlKyKro4wzTmAbta7Vv36/5TMmCI=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_unusual_authentication_interruption.yml
@sha v5BFJ6Q7E9/VwL1QvXoIs+yWdEGXBgiKyHph5qya0Dw=
@size 936
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_user_login_blocked_by_conditional_access.yml
@sha zmYPCenAGYyr6TAN20ScEw/UiyO1OHFqS1U7PPGJbtk=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_virtual_network_modified_or_deleted.yml
@sha bgWSvzQYo5DDOEYjEqz2pKKffpa957b3t6nVaTOvb0k=
@size 1101
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/azure/azure_vpn_connection_modified_or_deleted.yml
@sha d56/czbr280O9NGbTz9TG+zQv3Jc5RXDWYWpDsUUqtQ=
@size 1023
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_bucket_enumeration.yml
@sha kA26GCgzNxPUdMF/dDEAjf64hQZBhYz/4mp6PfD/+9M=
@size 918
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_bucket_modified_or_deleted.yml
@sha DUXrl5pxDJMjSsb0/vIQZ4SWTOjk2G8CQZ7wicsGPVo=
@size 1022
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_dlp_re_identifies_sensitive_information.yml
@sha 3zagqvA57xDYi3cMtdzVNxno7Rb2CpPnFSD+tf3qGdk=
@size 597
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_dns_zone_modified_or_deleted.yml
@sha +x3nmPnHxDKOF89CXcJjE6hyGFghNSw2sJ1irOhlPA8=
@size 631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_firewall_rule_modified_or_deleted.yml
@sha 3qrUDjyFolMwM9GGS2FOg1EH+nIrjjkLQ5jvDASzhYo=
@size 1098
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_full_network_traffic_packet_capture.yml
@sha 1Feuf+LIuJoHa17wSoMc/PW71zPzVNA4OnofuJBNL6Q=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_kubernetes_admission_controller.yml
@sha 8uPGpx44OBJD1mWkPFb2hziEZpiGKAgFXHuf0GIYVcE=
@size 1986
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_kubernetes_cronjob.yml
@sha q5TCq/mkUCSBt5ZaN0sQq+4DTIn+dFQL3vyP4grlvXk=
@size 1324
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_kubernetes_rolebinding.yml
@sha +7y3qtqo4xKSzil1hlbdOGik1KLeFdYVqtAWorLE9Kg=
@size 1831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_kubernetes_secrets_modified_or_deleted.yml
@sha 6Uw3DV6R9o3YC+jjcj4YpfzhpRvH40TeWnay/qm+Ra8=
@size 1044
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_service_account_disabled_or_deleted.yml
@sha 23z6E09o2mM6IjB48DpylPkCn8tHCCBgM7lrxDVQu64=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_service_account_modified.yml
@sha OsUxT7K/RA1JyoPumMi4y+4gkpfRcxsd7fr5OYBFW6c=
@size 1056
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_sql_database_modified_or_deleted.yml
@sha H+lIVoR+ENQcSfSVrO89/+Ty/VN/6NOckxWP5f4z8Ig=
@size 1028
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gcp/gcp_vpn_tunnel_modified_or_deleted.yml
@sha 9bnXKt7uiaisEa7U2rOoYZqrgJaVsUAnXidJB0RSqKA=
@size 942
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_application_removed.yml
@sha 2AUUzdLN02BBMJLvR2k/Jpgp7cOhjUZm60mLvnOzAmo=
@size 963
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_granted_domain_api_access.yml
@sha PdogBWP02JpCw3+vCRI9KlrwXj33gVW8xw0cVqEJTbE=
@size 751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_mfa_disabled.yml
@sha cgzLwMWSAZEr/Wu7i2Kxo4wRwZjSU7QFHP+Xjx6TJ3k=
@size 1037
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_role_modified_or_deleted.yml
@sha q/EmMxN3OCcPjq77lDUBvFlGHsGHxSonXJfYiWCpZdE=
@size 752
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_role_privilege_deleted.yml
@sha BnpCaLf2C+DF/HWkUosEJH4IKbnDAbhmxuIQnLukOqg=
@size 687
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/gworkspace/gworkspace_user_granted_admin_privileges.yml
@sha RjZnhYFmaMC7rZT70KGjA6S3UiBhLnh5IDZehLiJs34=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_activity_by_terminated_user.yml
@sha BZrwQsJCBSxGYCDSWOLoZws0uaCjMgu6or3OVOi1rNs=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_activity_from_anonymous_ip_addresses.yml
@sha pgigdj/1cdKHyWlzAwmZzKWV1jwhRXkH7/5vAAhBbEk=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_activity_from_infrequent_country.yml
@sha wMRhxy45fJF2zMODIrkLEeLlqLbm41Mkb8pAkYXU7cs=
@size 848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_data_exfiltration_to_unsanctioned_app.yml
@sha CB05XGp0fgQNtenjMTZLmcuojBm+iKLqLFjcYLQPWzg=
@size 902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_from_susp_ip_addresses.yml
@sha ZNl3FpBOAl3UdlaoKLUP/ZUTp+iHa24BF4sgiIsSp8U=
@size 952
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_impossible_travel_activity.yml
@sha 7zLFuVxuCRrHR7hm2CXbZAKJdrWlz1sz9/AB7LLWbfo=
@size 796
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_logon_from_risky_ip_address.yml
@sha mlAmeyJEJ6S9mfAMseD5l49RBGmH1Ep92tsvo09uHu8=
@size 796
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_new_federated_domain_added.yml
@sha oBmW0+onQpq7RKNBjl+47U6AXqwDCOLxuxSLX/is3ZA=
@size 1077
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_potential_ransomware_activity.yml
@sha VolPLoTp0oNZchLgRTa+htQSyY+2HoSsFnBGDOsNum8=
@size 798
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_susp_inbox_forwarding.yml
@sha mPgpsBo26EuU8nWwaNQ3Cf7mdadxfBYpofygmXjgpDM=
@size 856
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_susp_oauth_app_file_download_activities.yml
@sha ezlEmy50Ym/yp4zOJMHTLp6VFxHYV9APDlx4YREGggc=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_unusual_volume_of_file_deletion.yml
@sha YeKfclh7paMYMvt6in7lhvGp0KEEvZqqfI55uTiVhak=
@size 777
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/m365/microsoft365_user_restricted_from_sending_email.yml
@sha nN5SvEseDzCN14CmvMscjJdBFgzIpEDPflOAgy0lLWU=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_admin_role_assigned_to_user_or_group.yml
@sha yi0emY434V4D4md4DZrFEU+N3itQDbgJepayt5NwfEM=
@size 743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_api_token_created.yml
@sha BxS4mcxQaLiTWSgdIyrimH8DpGszjGhr0yLRzh4mXN4=
@size 565
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_api_token_revoked.yml
@sha Lq4oCwT85WqaNeH6VJ1M3D5M9yQhW0onsCjis+LDQe0=
@size 561
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_application_modified_or_deleted.yml
@sha yWKE3iJ7Es2KXlaK824MHTl/NmsE0V64OUIUp6/O8+M=
@size 652
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_application_sign_on_policy_modified_or_deleted.yml
@sha f84JblaJj5L1JEZGF3ORJ3F3ICriLL3JGmvD1NRKqQM=
@size 697
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_mfa_reset_or_deactivated.yml
@sha d+7BXfwIWfVfH30w5JdVOiltDMAPj6l2IpxtiDIFnFg=
@size 715
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_network_zone_deactivated_or_deleted.yml
@sha WoMFsv6IFPLJCWybyGb/KHdLt5jbVkSDaTF49fQJA4Q=
@size 630
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_policy_modified_or_deleted.yml
@sha 5HBXc0tMCAEheO20sRYP5wk85MNAqTvuJRn2ldkGYhs=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_policy_rule_modified_or_deleted.yml
@sha BpaaqrokMkv1hIw0uqKNqyHQS33w4IdoIy/hNxLWSFE=
@size 632
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_security_threat_detected.yml
@sha gxRKLG59ACuSGGMiC/k9+S2iXVGzRKzQUwBa06j2rBQ=
@size 684
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_unauthorized_access_to_app.yml
@sha 6CUFneojREWhIa8IaiyH+mQaX3i4WRIfjrJiRNBKVoc=
@size 640
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/okta/okta_user_account_locked_out.yml
@sha xaVaGo2/RIXK/sz3KGnjYp+LBwYgqDVC80ZMYqJDMhA=
@size 585
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/onelogin/
opensearch/opensearch-security-analytics/rules/others_cloud/onelogin/onelogin_assumed_another_user.yml
@sha Gu3rGMNQDgTISLroULyxJhFSakRy5+mj/4bBLTF5sYA=
@size 523
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_cloud/onelogin/onelogin_user_account_locked.yml
@sha lI84cWmfuAELwWVkQy5BJ7duGXAq7/5u6z/diKNMEVs=
@size 702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/
opensearch/opensearch-security-analytics/rules/others_compliance/default_credentials_usage.yml
@sha 161oiVsDoCQdkrfnSd5WwMXbqH/9TWfHH3JmCxbI6Eg=
@size 2780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/firewall_cleartext_protocols.yml
@sha NJtw24maXGLZmPNxiYY0k6+QkM6ecD5NskPB3CgrQSY=
@size 2339
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/group_modification_logging.yml
@sha dBNv8nvKNzrs6O25Ad8H7Npf5rrxBmOqPJnihnDKeGY=
@size 2485
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/host_without_firewall.yml
@sha /p6soVzBpMOPZHx8NRwK/rudowt30MlLUHTBKPo6iGQ=
@size 1011
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/netflow_cleartext_protocols.yml
@sha reogBPCvUrVU7m+S5vCNi8EST+HR/hd5f2Yv+wETRd8=
@size 2216
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_compliance/workstation_was_locked.yml
@sha /mlM9JFDbdR0kHDGpbpGFoZh9Wb9h9r4qh4pgK5w6es=
@size 1489
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/
opensearch/opensearch-security-analytics/rules/others_macos/file_event/
opensearch/opensearch-security-analytics/rules/others_macos/file_event/file_event_macos_emond_launch_daemon.yml
@sha uv9lSOlbILPpbdBqBlwU6EtIDkzQDbtaBFLuWIDjKdc=
@size 921
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/file_event/file_event_macos_startup_items.yml
@sha JJETwnr8iVK0gF7vGor/ZFjz9YJHMgQYIBFHmn8NFas=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_applescript.yml
@sha gqybanB5lSv/VnkGxLDBcfN7HNOV90BG/Y8DmkxJ9WQ=
@size 709
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_base64_decode.yml
@sha bem0zFciEhh8rk71V2q31brGsu/pk/i64+RoYOw1jV8=
@size 620
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_binary_padding.yml
@sha B+V+ep4g2ORz9LXhHLomZ+xlD1wAo9fjQH3D5tKWHDs=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_change_file_time_attr.yml
@sha XeMIiozib12Joe9zhbRVKBL3mMfbkA/xvhq0GbmwofU=
@size 717
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_clear_system_logs.yml
@sha J6kjbFBsEFVkhI6pPUCmzNbL6NwSFBK60QFDkP2o5R8=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_create_account.yml
@sha E5/lBq+OpnjY3TMPRDbAKT0M+MORhpZF46BPyRYKFUI=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_create_hidden_account.yml
@sha 9PHfXKkwb6BPDQr1+MAkTggdJz++6HlVfJ/2OFRO4wU=
@size 1041
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_creds_from_keychain.yml
@sha GrPFbaK/2hvWWdORY5dMTCu4PuPCYHB95LI8Jy3piWM=
@size 831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_disable_security_tools.yml
@sha U/QQAIG3oeL9hE92BMtQOUf+c9Wy3haDCH7tstCm4xE=
@size 2090
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_file_and_directory_discovery.yml
@sha MzYo2Zhp2oEJTlg9BqrcUyuXMd8uaYJlug+Rk4jz70A=
@size 956
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_find_cred_in_files.yml
@sha Vj7xC34yVdLeDayRX0VWK0LSpXN/g9bJb2CD8Dl4oeg=
@size 687
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_gui_input_capture.yml
@sha XXpdsBxjbAVsGxbv7VZGuN9VGIv87Omgu7J+MZxLEc0=
@size 1131
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_local_account.yml
@sha faIszpkZ2HV6v59EPygb652Zqg9BkoYxlJJyvBtMjjo=
@size 1052
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_local_groups.yml
@sha 7dVQbEqLFzF8opgVzkNmKZKWQbFjg8mmCIoEeF9ZM8I=
@size 859
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_network_service_scanning.yml
@sha D1b8mYlEHdRKJkKMIaNls30xwmT0qmbzY4rC+/rpYEQ=
@size 752
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_network_sniffing.yml
@sha R9KBrYKjEhO1dJuCXuMFw88JPTcs0iMTqe0HIPtkYCs=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_remote_system_discovery.yml
@sha 6AL0FrO4KEgVu1fYI4dseLcKL3/mqx5pu8nLCxiBZA0=
@size 1138
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_schedule_task_job_cron.yml
@sha 3hNGWI1TE8wGbHTv9I7dkSAbiGTgp0ZcYS1LKRD7buc=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_screencapture.yml
@sha UMDaJajOgsRs8uxDmRrUqAKTigrdVJyn24DwJHhe5Lc=
@size 699
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_security_software_discovery.yml
@sha dRAJfQQVM7HSokyLEg/yBgNyC2uWln6hjxrOJgKDt8M=
@size 1513
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_space_after_filename.yml
@sha 7VvO4ttWszFllEMHKLiWtKoDORMgIlVFQK3Tu6hFv2U=
@size 722
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_split_file_into_pieces.yml
@sha i8XpALedwnOHUH7GZ7B+MHzL7ek0j9Ho0UgUvsl9b+8=
@size 622
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_susp_histfile_operations.yml
@sha pNudyJxrqK1Ngs6XJrCQ8pParvloKWriNbVywPvxn74=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_susp_macos_firmware_activity.yml
@sha NieS0o6EN4nGw9+ztoXjaaEvtLZwncHJZiU/APKePLs=
@size 981
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_system_network_connections_discovery.yml
@sha qpe6BdtLgrp5BFCwbN0orQIJKdevwAzTuuwuuhgyp0k=
@size 707
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_system_network_discovery.yml
@sha FxILVBGbLfVFP42t1+ScdEzait8+W9aAg9Bgc4NFCUk=
@size 915
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_system_shutdown_reboot.yml
@sha xv3aJkPYVsghcarjc5V5Tsj9myzPzUjrrCZI5pVVfpU=
@size 693
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_macos/process_creation/proc_creation_macos_xattr_gatekeeper_bypass.yml
@sha CCTo5q7VeuDLm7hrGT7zN9Ka70QnSjb3g/cSUCdB2aQ=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_apt40.yml
@sha mCl8elcElSWh/8VP2CmVdGiR4PLAfGDdgwOARMIBZTU=
@size 684
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_apt_domestic_kitten.yml
@sha w9zKNfVZ2AtYLjLgw8DmgVDPH6DT/14OThMx+ViR2aQ=
@size 743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_baby_shark.yml
@sha 5Cu6kW2t9k+Zi8/TFaBBJa6ogI2zsflkanLXYh0TnZs=
@size 537
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_chafer_malware.yml
@sha fGeTvNQDUcZUquNxXaPMFv45EaPm+HT9XTlhdSKDPjc=
@size 538
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_cobalt_amazon.yml
@sha Yt0Ye2ISYGdXIR8R+8InovuJ1RkUgBkbyvO3jsgWlZA=
@size 1140
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_cobalt_malformed_uas.yml
@sha e5SXoe88qiVDOBbprKmWjAcSa6r3AWQnGAEwO068/bA=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_cobalt_ocsp.yml
@sha nj25dRFJl5lk0c9RrrcKL54erSDXCUwiMYak6dbF3pw=
@size 587
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_cobalt_onedrive.yml
@sha nT0kXs+xYHCulF/vkazSG8rbtNlue8MHgP0E0EXZr0k=
@size 722
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_download_susp_dyndns.yml
@sha +RUtJooVDuYhiAY0XorMcXoG7qJ3Jp9KfQ1zoOp4cTw=
@size 2626
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_download_susp_tlds_blacklist.yml
@sha LIgq8IG5HsPdwFwmnZ+GfY6nhuxA+xZ9+UBTL+1Ht2U=
@size 2366
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_download_susp_tlds_whitelist.yml
@sha j9cKm6Gv7oNhfUVIFVLAOPwE5UQac4divdVUWwpbDLs=
@size 1247
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_downloadcradle_webdav.yml
@sha sA9D8MhqHESvylQ0wQzOET8j1qMUFnlDdJj0JiJttXQ=
@size 739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_empire_ua_uri_combos.yml
@sha lfN3Ne3dNf0oztsd7e9U6ejC5twltls6F0FDqPl1XH8=
@size 772
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_empty_ua.yml
@sha iS76wowpYrOlwJsDDt4bBg7mpiEls2z+KQWCXLoc4Bg=
@size 642
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ios_implant.yml
@sha BS8mkq7BKoalTFoQj71mHJ3PG3Qq7bWktq4FzzGN7qg=
@size 711
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_java_class_download.yml
@sha 8vOUuyX74XHKgzk7gqOezp3TeMGjrkxxqJRSNAM94/I=
@size 523
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_powershell_ua.yml
@sha ld44clMCp/iVY3SaNBoCRqrEk+YkOLtX4S22AVfYNLk=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_pwndrop.yml
@sha GDbMNT4E9MHRKwJ7dsJT4Sf3sQ1xVZH3RD2530EZGZM=
@size 613
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_raw_paste_service_access.yml
@sha sDvbD4O3XxhxbvtLc0Sf7/TeXtCOtbkGbN5Jrfe8BZQ=
@size 934
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_susp_flash_download_loc.yml
@sha A3NLEEm3uxwP9PjXDL3Bh496qpKJ+zjk/HS7pqyUOq0=
@size 771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_telegram_api.yml
@sha uzCNWnk6IcBsQcNFGm83By53E7Szu5+TJFXxERmKb0A=
@size 1126
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_turla_comrat.yml
@sha XBkmt9Q+7s8dPAH+9lkPTVj8fzF5YlzbNdPEPupoI5I=
@size 532
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_apt.yml
@sha yk45JSlQLPpITDZteqJRJ4qswrWJ8/zN8rPiyeV2XB8=
@size 5536
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_bitsadmin_susp_ip.yml
@sha RzI2PuAwVRWSLsnbm5OeCR/ybqZn5sFWmFcOR9l5sNA=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_bitsadmin_susp_tld.yml
@sha aeQC8Hsrn2hNJ3szOPMbttlkmx0kk9zOZloB/cN+8gI=
@size 1008
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_cryptominer.yml
@sha Qc4OM3xLsVIIubGhwvU68ccvRR3gGVEN8CuAJIbJt0k=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_frameworks.yml
@sha SuwxMmRTWgVmByztMIPrUZM5C7TqGEx4NSMx6G8YkpA=
@size 2858
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_hacktool.yml
@sha uiwgyzfWbVxo+qaLp+Tz47hbyK10dQIi3azxMBS/5u4=
@size 2000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_malware.yml
@sha FNcP/5cYYcCeW6cxVnUIsspH/thU9hxxJ3J37EESZvU=
@size 4216
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ua_susp.yml
@sha zoo3YkIkL29XFfm208hvQE3hkxzNdqHOP9QGQF9VFR8=
@size 2011
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ursnif_malware_c2_url.yml
@sha T18TUIyhQ/PZB/tfr66ClK0jRWzSspu6qjyh2i+2j/k=
@size 768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_proxy/proxy_ursnif_malware_download_url.yml
@sha JbMUViHtWN+lqNa4eFmntoGbPe5XveihTna7mrEqDl4=
@size 501
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/
opensearch/opensearch-security-analytics/rules/others_web/web_apache_segfault.yml
@sha yRC0j6XtqsW6ZpiE1h4oB+oYTQi0eDymhX6rNfDBV7M=
@size 502
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_apache_threading_error.yml
@sha LfJWlWbSD462y39AJ3lZ1csAfZTbpw6l8kCElNg4pcY=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2010_5278_exploitation_attempt.yml
@sha LiCgCQPfW1GsuoO/jS5xi8ecbs4j5HyRMEZ5mVD5QR8=
@size 868
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2018_13379_fortinet_preauth_read_exploit.yml
@sha K6reVqkEXYkyti68g6dIRg/36yYCKBxvUasJx4+ogEY=
@size 646
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2018_2894_weblogic_exploit.yml
@sha SBazeMVxF3OodaXcJ5D2iMYf+sF/kVR8B3H3539TKYI=
@size 693
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2019_11510_pulsesecure_exploit.yml
@sha OzKe31OuZUN/cA9C3k3nxnWoR3HR9h+GVnitafp4eoQ=
@size 563
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2019_19781_citrix_exploit.yml
@sha KSJ/XqvWTh2ysrNA3V74wQGb8CCMZThseRUbV98FNGQ=
@size 1265
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2019_3398_confluence.yml
@sha Ch6zEr1nGV1MqonG7JZlJok06KVBAWxVQhvgxsXHpa8=
@size 682
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_0688_exchange_exploit.yml
@sha 6SlLjK4NEE7mQ35Orm9GmEPtMHPSsmK/lyRg5MY+DeQ=
@size 537
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_0688_msexchange.yml
@sha nHdtHAgCiSXoKnmm4bppLnbuZwgbIhLLuemVN4Jo1iU=
@size 748
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_10148_solarwinds_exploit.yml
@sha V2M3/RZDBQZai0FrgaFHY3l9lnoI/NEkbjSwIFLlyjQ=
@size 793
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_14882_weblogic_exploit.yml
@sha W2Q+TAqwV90iiEQrLqtBuZAKlZdeQ3fx1YlvzgD96tM=
@size 716
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_28188_terramaster_rce_exploit.yml
@sha D98/m1EEN9GHIjZ4dymPwIB++fupx/pndKGZ1EvFjdI=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_3452_cisco_asa_ftd.yml
@sha QHWKiIaQELBxGUg2fvc59dQi1MhzLmDcH49Ale++NUY=
@size 1050
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_5902_f5_bigip.yml
@sha HBAS84c3wN9u3r0lOPcjag6YRo5OkV5qD9s7gJ1bS98=
@size 1006
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2020_8193_8195_citrix_exploit.yml
@sha j7o7ycYj0rfdwSLN+BWNC0qEsitTnxe6t0Iy4je7THs=
@size 1100
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_20090_2021_20091_arcadyan_router_exploit.yml
@sha 7lJr3Zk4M+VVhOn20l3Kx0mcEiNfFePeLStfzZq+ARU=
@size 1346
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_2109_weblogic_rce_exploit.yml
@sha MsHG0b+CQfqCKdQdx8VaWKjWu24w8CzrgFwl0C/g9M0=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_21972_vsphere_unauth_rce_exploit.yml
@sha 5h5jE6QoY9iBs73UYpVdCWZxg0K449kRTsdmR+WWkME=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_21978_vmware_view_planner_exploit.yml
@sha Y9Bi6ft5iiqC6hjkz+8P50bz0VbEPuaantgPK2KRLH4=
@size 699
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_22005_vmware_file_upload.yml
@sha QL5/vwXZqdc1yH8iyv4zjQprtd3K61KJ4PZ3yeM/b2o=
@size 729
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_22123_fortinet_exploit.yml
@sha 9GDxHGwlPld23Z5PORUbV9G6CsNWu7dNQMAeJVOHO+g=
@size 818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_22893_pulse_secure_rce_exploit.yml
@sha 7cJ1JdX81A70S3ZAXt+S7Y5/uOm6bluDCkkNkFYd5hg=
@size 1053
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_26814_wzuh_rce.yml
@sha 10iKhhyg7tKqgE4jLY2NaULjqe+dgcNfsSum2sUk5CM=
@size 649
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_26858_iis_rce.yml
@sha gR9zZACvGZqJBQL9U3nnoZvQI1fG+PHfzlJBY6d1tfc=
@size 1104
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_28480_exchange_exploit.yml
@sha elLObs8d8CzPxZy9MgH8zJen7rPxTqNOvnhCmDVq7fc=
@size 606
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_33766_msexchange_proxytoken.yml
@sha 6ZLYdyCnwJsCIG44P21zV3mSEyUxbHVrLxvLF+ghCOY=
@size 940
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_40539_adselfservice.yml
@sha lCn108nWm0Q6+uYN2W/DoHrA9UCPbfTHN2F60OQMTuQ=
@size 688
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_40539_manageengine_adselfservice_exploit.yml
@sha 4OiK+RN8GZiZxsGC09+bzT+LxyJRLEsTn+QzQT2HGPU=
@size 1134
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_41773_apache_path_traversal.yml
@sha DOFUeA5s4SiN4ZoJyt2lt3Cyd/ldB53UEo0RDHRK0MU=
@size 1612
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_42237_sitecore_report_ashx.yml
@sha i1BMhvEX6SEATB+KnZV+Bw7qjs8zHwDsWt4IjekeqMw=
@size 739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_43798_grafana.yml
@sha cN+c+MIrqDsqisMzDDH7xIvDFoka6LhdwY3G+1sdweg=
@size 2802
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_44228_log4j.yml
@sha b7TdSuextpQz6ZoRzhbKtWzzzTCPBHcpkSnEaw+CRzY=
@size 1595
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_cve_2021_44228_log4j_fields.yml
@sha swMX5eIBSEgUsXmYYXrdOm/jHq3f9wGbmUUbPuY2jHk=
@size 3845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_exchange_exploitation_hafnium.yml
@sha i1htgyPsO76ciHQ5GSJaTpyRHDHNZdSE0V/viInA9Wg=
@size 2485
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_exchange_proxyshell.yml
@sha lJfunnAi6ewFS0Ltcj3ptvySFZAyt0B4aBOckEOfJVU=
@size 1313
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_exchange_proxyshell_successful.yml
@sha Y4+dkmHchVk3Myf38qmduFcn6qZVVBXMOlh7vYsa1Dw=
@size 1017
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_iis_tilt_shortname_scan.yml
@sha pWdFmMSefdGqvsWJFSnyxfOZaOm6EEt2bcj/dJbMYhI=
@size 839
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_java_payload_in_access_logs.yml
@sha wssQSdVHMi/MiuLafa4/UmoaYxAXpi6ZhKQjyAQDZdk=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_jndi_exploit.yml
@sha 2j5Ia9PfpKOM6rBzYyiVeDkrjmeHLEW3zT9g7XGs72U=
@size 1237
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_multiple_susp_resp_codes_single_source.yml
@sha cpiLAmOr6P79v1IeFdgoU7mjeGrl0nEmCZOvoXpHVWY=
@size 622
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_nginx_core_dump.yml
@sha 98JlD2lvpei9QFfQcOmRM/E7URkSZWAC72vcfhHYvoI=
@size 697
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_path_traversal_exploitation_attempt.yml
@sha CGHueK14KZfvmSJPuLbO6b5kPh86Yrt8DeHUFTqqtpc=
@size 698
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_solarwinds_supernova_webshell.yml
@sha I9SxeeCiOJgZU18iEoLvOUg/tCS1sl+p82qz9uwqH48=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_sonicwall_jarrewrite_exploit.yml
@sha kPYfBHhF4sRoTS3WSLfrsKJNjUAkb3CN2zL7ptBFar0=
@size 674
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_source_code_enumeration.yml
@sha VLtsrkGHuFGFsimIg8VOnfg8tyQ0FTuR32AFpoFY70w=
@size 747
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_sql_injection_in_access_logs.yml
@sha PSDUla0fvHeGbPIrNd6Z1whPuy0hOzmtABz0R1vN8iQ=
@size 1686
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_ssti_in_access_logs.yml
@sha vfhqCLy6J2moAgg42rnP7MieTDMf6pscrw3ELyViSEI=
@size 1146
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_susp_windows_path_uri.yml
@sha 2RGnpZ61+4BTHG+5lYxg3i4SpIR7RBtnxSonexjF6H8=
@size 892
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_unc2546_dewmode_php_webshell.yml
@sha +uTZBjq7BlqXUed6c8lI3yVX9hiBwueG77L1ouKEZNA=
@size 771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_webshell_regeorg.yml
@sha TbxvK1wn9Lfsrv/r9z/6QmRm1SuDxz+NNsP26hTk8/o=
@size 1087
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_win_webshells_in_access_logs.yml
@sha 9J48NoB+r76fDS+aMfNQqTmIAq29EMQM1ycWDaB3Xlc=
@size 1104
@ts 1768594064
opensearch/opensearch-security-analytics/rules/others_web/web_xss_in_access_logs.yml
@sha TnBIRnt9WU88ve64Sd4sSddQwXG3nu0cestMla/T9Yo=
@size 1374
@ts 1768594064
opensearch/opensearch-security-analytics/rules/rule_categories.json
@sha kmOwKCCSfjGAoAf3Rl/nqlFQ+V7L2M5OkByKuphFR8Y=
@size 1079
@ts 1768594064
opensearch/opensearch-security-analytics/rules/s3/
opensearch/opensearch-security-analytics/rules/s3/aws_s3_data_management_tampering.yml
@sha yiiDGqK1rYOAdJFKCKIqqSaW3VNkVjXLc+QBdLwCGLM=
@size 1654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/test_windows/
opensearch/opensearch-security-analytics/rules/test_windows/dns_query_win_regsvr32_network_activity.yml
@sha 34j1wDwywVvrRUDdLRr0STkfEsImSRsFDxaPsZsZTLk=
@size 976
@ts 1768594064
opensearch/opensearch-security-analytics/rules/test_windows/net_connection_win_regsvr32_network_activity.yml
@sha ON/aDnZb4HmM6J1X8g8o5D3yOoDvW1SjAe9LaNySjME=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/test_windows/proc_creation_win_susp_regsvr32_no_dll.yml
@sha LaTqgu3T9u07rThMAvspdpVkIspc+uEDQzPHrJwvQr0=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/test_windows/proc_creation_win_system_exe_anomaly.yml
@sha MrWeQvSj8pXQ2IkChcp0VgUkL2+i2wmE5BDjtq/oV8U=
@size 2349
@ts 1768594064
opensearch/opensearch-security-analytics/rules/test_windows/win_sample_rule.yml
@sha ew+TJjCsCEN2WHzuhD2vxn3v1UuGwal3Ml/98XVkhBQ=
@size 648
@ts 1768594064
opensearch/opensearch-security-analytics/rules/waf/
opensearch/opensearch-security-analytics/rules/waf/aws_waf/
opensearch/opensearch-security-analytics/rules/waf/aws_waf/aws_waf_web_susp_useragents.yml
@sha IJS9uhsetf3uqqP6GXolW0i4HYZt/DnVXlRKam7TtQg=
@size 1088
@ts 1768594064
opensearch/opensearch-security-analytics/rules/waf/web_cve_2023_25717_ruckus_wireless_admin_exploit_attempt.yml
@sha /ba+fTPhWnIInTrtSSXJijcwzZcs+7UOWLBwxyWasCM=
@size 1072
@ts 1768594064
opensearch/opensearch-security-analytics/rules/waf/web_sql_injection_in_access_logs.yml
@sha gUGWboHJ972AdnfuuN9dJDp64P4r8BEgphYslswWSHA=
@size 1935
@ts 1768594064
opensearch/opensearch-security-analytics/rules/waf/web_susp_useragents.yml
@sha 8o9U8L3q8kC8rxFc+phy9ZssjTTP+8g/3sT4nJu85OY=
@size 989
@ts 1768594064
opensearch/opensearch-security-analytics/rules/waf/web_xss_in_access_logs.yml
@sha vD90bnTRm1rI+UufovNdVaOgd/fXtvl85P6Z+8wPjZg=
@size 1323
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/
opensearch/opensearch-security-analytics/rules/windows/builtin/
opensearch/opensearch-security-analytics/rules/windows/builtin/application/
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_audit_cve.yml
@sha MwfG7FEM25FUU9s2NV2TD/pg2D8hWe8vN22tggvqrPQ=
@size 1113
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_av_relevant_match.yml
@sha T5UVuyp8Y/M/K5sG+Fxf6al1gMg2yfhrSfYnTN7gEKQ=
@size 1849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_builtin_remove_application.yml
@sha 5F9qOGyRZcpFZmknzUjJBq0VWuKtLjMZzhsS9bcSAlQ=
@size 490
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_software_atera_rmm_agent_install.yml
@sha 7RVuo+xtPHY1Kkh/PCeRSK4AIGIN9FZTSZ/6lnUy/ZU=
@size 714
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_susp_backup_delete.yml
@sha aCjaSHYW3F1BxqZGfOGdP+WhIdjmZVE3eA6/FKHRQu8=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_susp_msmpeng_crash.yml
@sha /59DQgxbyAdlMKT48nerAlETFvhNJsrsbHLoo3x6550=
@size 918
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_vul_cve_2020_0688.yml
@sha KmJp3xl+gjTATthhXsCB3oVMzvbgU4vew5n8+YDOP6c=
@size 892
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/application/win_vul_cve_2021_41379.yml
@sha OKuTn0+gjK5qhyabWA19HAMAxWzZd1MYcaGlzUdDUVM=
@size 662
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/applocker/
opensearch/opensearch-security-analytics/rules/windows/builtin/applocker/win_applocker_file_was_not_allowed_to_run.yml
@sha WL4D23BXLxGhl/TnPuJGwdeSeLHvixMnyfcgzgVj3hg=
@size 1246
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_susp_domain.yml
@sha WovrIt2OYRkN/2+QAUTGvq1tHg6pLadD/gZioOPQNUA=
@size 1178
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_susp_local_file.yml
@sha 0cIxpXcctTBf+7G8ucKHy6UCYZuZRRTqxE1/Aj6QiG0=
@size 1124
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_susp_local_folder.yml
@sha iPyUdivezKO22G2TCb1cdVnEgY9bAluSMEReznlGOLw=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_susp_powershell_job.yml
@sha AQFEo1w7I7/yB/ovWk8nJDczTz6KAlN/W43aUVtO98c=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_susp_use_bitsadmin.yml
@sha nmHDoZneJBGpiyt0Q85e4Tk7fp1EwwzbRxYOkWwXTLA=
@size 870
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/bits_client/win_bits_client_uncommon_domain.yml
@sha aklFJkubERTAnaoCV4MgrSnDUDy9y1/3jjwzsQSPc0o=
@size 1091
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/code_integrity/
opensearch/opensearch-security-analytics/rules/windows/builtin/code_integrity/win_codeintegrity_failed_driver_load.yml
@sha nVRAbX8wsiy0kYaWQCRK2LixIvePXSJXLEq9X00osBM=
@size 571
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/dns_server/
opensearch/opensearch-security-analytics/rules/windows/builtin/dns_server/win_apt_gallium.yml
@sha 7NoZXiByqhz8X6SPtOIYG/If8dJuHn2/U4jilnOy/do=
@size 1131
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/dns_server/win_susp_dns_config.yml
@sha 7T4CLogBBJq4YBBxwDCBR1XZhGiS2wFfoOnou6AEG+w=
@size 768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/driverframeworks/
opensearch/opensearch-security-analytics/rules/windows/builtin/driverframeworks/win_usb_device_plugged.yml
@sha vxjewCv1hJDU0WuPY3j6q8R/ZNzJgRsxeLtl8hfaw0Q=
@size 833
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_add_rule.yml
@sha C1DJ2k/IKmemXfzKznZd40EaJ36fO9aSEkzjKB4/A6c=
@size 1206
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_change_rule.yml
@sha +LBYL0yxUj+StLvJULlOcxLzNK62IontJHyctCHDGH4=
@size 750
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_delete_rule.yml
@sha c1chgFa7zwK846qNwkduqDWUTMhPYNnSkC8ICq+IP5Y=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_failed.yml
@sha TNUSE1TcPbVugXHXCEsKqQASX0L6kLNxF4r8hd7yT10=
@size 604
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_reset.yml
@sha D6rZhJR1p/M2e2HBnlYc5mnej7K9+xmVXDFfbKWb1og=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/firewall_as/win_firewall_as_setting_change.yml
@sha PNOt3J9PaMD4AQifq52HiaElz4mcaoSX+qHjwcjsPNU=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/ldap/
opensearch/opensearch-security-analytics/rules/windows/builtin/ldap/win_ldap_recon.yml
@sha M6rCpf/ZPWChLezCOmD0T4HpKxWH/BGyEyEvpUhdySA=
@size 3223
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_cve_2021_42321.yml
@sha p/MSA49IrlTsDeYEATGzLoAJfra3r7YjPHiZg1sJgpc=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_proxylogon_oabvirtualdir.yml
@sha yHCzhg4itoD5KJ4sYUc0ftzml4Tc7tvbWK+E5JXWhQA=
@size 906
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_proxyshell_certificate_generation.yml
@sha AgNoXeceriwY87mm/2yrdLREIG/O0Xm0y3AhMwMnaSg=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_proxyshell_mailbox_export.yml
@sha Fcw9QFLZtQi/cd/b8UIfwvNmte/qBxeJD+KMObIVGxE=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_proxyshell_remove_mailbox_export.yml
@sha qenr4nm2ZmsYaLt08XR0Jz0KKYyc3ntiL3YzfPC/Sv4=
@size 726
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_transportagent.yml
@sha uAA9K3w2yYLsVmHPXLVHNLQ84jFL0MXLTIB0b+Th2s4=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_exchange_transportagent_failed.yml
@sha 3QsN4W87mbW8h6v/+LeBSMJ27RZPLbXPyg7ACoilUPw=
@size 725
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/msexchange/win_set_oabvirtualdirectory_externalurl.yml
@sha JzPCXDCOJCDgoeJ6BSdqTyzWK2iZubzSrukZNbpqW+4=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/ntlm/
opensearch/opensearch-security-analytics/rules/windows/builtin/ntlm/win_susp_ntlm_auth.yml
@sha Nw+jhGKK7cs0T7NH4z9Q3DB3WfdccQSQxXEWO3lZVbY=
@size 772
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/ntlm/win_susp_ntlm_brute_force.yml
@sha dcJSrZ7lh9yTM+stWw6hKjZrkoiKtiQXW0Vt/VQPUU0=
@size 894
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/ntlm/win_susp_ntlm_rdp.yml
@sha vgujCnEd2SoR08ef12doqIYhQLWxdWOfTG2gNDoVW60=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/printservice/
opensearch/opensearch-security-analytics/rules/windows/builtin/printservice/win_exploit_cve_2021_1675_printspooler.yml
@sha iUVChn6mQbbAlqXulH8LjCPyH5hbNzD2nbfPKZeiIII=
@size 1464
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/printservice/win_exploit_cve_2021_1675_printspooler_operational.yml
@sha UT2dXfVvHfnmHnb/b/chX8AJig8BMaZXoHzSlJv8hbQ=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_aadhealth_mon_agent_regkey_access.yml
@sha fH3rPOvCaN1HOgFTKVPU4nkuMmw/sEItatzE7Fy1iTw=
@size 1531
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_aadhealth_svc_agent_regkey_access.yml
@sha 2fxOCFsth2EtfYm0nHUOboboQ7ZoeTh1hk/Uh5iWiRA=
@size 1720
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_account_backdoor_dcsync_rights.yml
@sha lsVRqefFRp2lhkDOJBeWlSsc2dTHllEkLIY8+gdPIwI=
@size 1354
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_account_discovery.yml
@sha V453j1FYnaArjn+SXS2iXDqp/asA1+sriFZhkaHBAgY=
@size 1092
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_ad_object_writedac_access.yml
@sha iuSvLkXujcM2J0zpeGQq+Zit3L1S39H69UcAe2oMq0Y=
@size 674
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_ad_replication_non_machine_account.yml
@sha Ne76m7hZEUYS06eEQ34mR1SRsYbmURI1BqlPeYArPLc=
@size 1143
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_ad_user_enumeration.yml
@sha b4Doe2ljCoQtK8v0AfAS+yQiDbxyalVL3Z30pofVGzU=
@size 1437
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_adcs_certificate_template_configuration_vulnerability.yml
@sha /MDrVSpAN1pjqhtfLG4lefAic/BS8Da12w5/HrMySS0=
@size 1110
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_adcs_certificate_template_configuration_vulnerability_eku.yml
@sha gWY+Yp3aeLrVTqmT4WWXupkqYkVcdQDXpIO9XDrvYos=
@size 1552
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_admin_rdp_login.yml
@sha D3gzCVphcIDYwr0RsVso7z8OhdsJvmWdPKWASoRE49M=
@size 907
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_admin_share_access.yml
@sha VGSfw3ATHJyeJokPeZDUrB/WcTayPe4bHn0s2GJi2Fk=
@size 628
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_alert_active_directory_user_control.yml
@sha 8Nh4/kgCEOYoSTdKo5pZeLAgIPvKn9pJ63qnZrTV0CM=
@size 1019
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_alert_ad_user_backdoors.yml
@sha nTGuknW30i72LXjcaHe7nGTe06qRZ0cRTWG1knTzlhw=
@size 1583
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_alert_enable_weak_encryption.yml
@sha g6/cBRfedoBIaaUlzg8CmQvaiFZMl+N0v/Q505o1QQM=
@size 2514
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_alert_ruler.yml
@sha NEBCEnId9TOBWGxjijDWozcaT04sq3HnfFaCl9+UtgE=
@size 1085
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_apt_chafer_mar18_security.yml
@sha BsJJwwjvFJuvf/wYd3xysmhHOYwfh0htAcqpdVk4aRA=
@size 969
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_apt_slingshot.yml
@sha 7cj2XBMigwVblYgNjB6kcJUQGCAgNUmaOfvHWAmvzfY=
@size 826
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_apt_wocao.yml
@sha 9wFf0SDHp98dR9Dttraq/Zovwawc1RqpXVy0BuQsEi8=
@size 955
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_atsvc_task.yml
@sha yX8FXM5yyXMv9TLPuFsoEXwtHK2OVJI9wF7BWd14enA=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_camera_microphone_access.yml
@sha OuDx+Ei++4XcJRRpJsRp3o5pRZLiLkCzzRchVVjK9s4=
@size 963
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_dce_rpc_smb_spoolss_named_pipe.yml
@sha g1Tx03x8C3IIYWboVKIXwLMeDjN88rhnAyxboT0D0iQ=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_dcom_iertutil_dll_hijack.yml
@sha uWG1jkYhEaqFmc1x6H0Kn1fnIWSPYLwzgJq44cmjjyw=
@size 886
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_dcsync.yml
@sha G3t0cnbkgewlM0XjG269dHc19nkGYvrTT/ZegYAS14E=
@size 1462
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_defender_bypass.yml
@sha U0Vk5K5SWhSf3CWlSZ1hDQU+P7c0wbt2rVJC64Gsm2Q=
@size 956
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_disable_event_logging.yml
@sha nY3gVs0XWKvVuFj0eOT/ZtxeKKS67CQBSEhWPaX7CZ4=
@size 1510
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_dpapi_domain_backupkey_extraction.yml
@sha J1hsrEfGfyMJ7ECf68gaY52fVdDUVoDdQe2GIT5kwgo=
@size 680
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_dpapi_domain_masterkey_backup_attempt.yml
@sha pZEFjZm6YYpHsFpWBGXEruMpnBiasNwK7UVpsEO8Nv0=
@size 711
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_etw_modification.yml
@sha 8J7su/z43JaH1rcthrSGZTIQqmm7YZUR6mFukQMOrrs=
@size 1602
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_event_log_cleared.yml
@sha F/uMDEizgrxHtnN3Oz9B3aTmXVDxyhpAjKcC/zZsGlg=
@size 742
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_exploit_cve_2021_1675_printspooler_security.yml
@sha 2Bfvp11XfCGKDkHOsvtkGVbM18VW9coQ3m5Q6wxo/BM=
@size 822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_external_device.yml
@sha rCkUZJmC9RzirlR3BoxUihYRG10BJQnA0JxotYGF15w=
@size 686
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_global_catalog_enumeration.yml
@sha 91hGiwep+GBuYH0MghzKksyTN4ptlg+Kf9gsRkww/Gc=
@size 922
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_gpo_scheduledtasks.yml
@sha RqAelfw+JS1rejCU+vGGKqP5XkiVGW+d9brii8Soo5k=
@size 1056
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_hidden_user_creation.yml
@sha /dJPpqiDH+JyX1ggM8qLSkgi+M1bkbG65hDfRwAyiss=
@size 624
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_hybridconnectionmgr_svc_installation.yml
@sha k+C/ZMITFziRAKOPG15bpNlcMrYs/BHH65B+cV1Y710=
@size 760
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_impacket_psexec.yml
@sha AnbrbrI6+XqgOIKX2eGV6X4eQi12T7Pvea+yes3lfDc=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_impacket_secretdump.yml
@sha 9/cTQ/Qx1q4HvjbapP/9fqQs+LVuKTFY6Mg/eVi8BnY=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_clip_services_security.yml
@sha /SNwPSh8hh2zeH65CE3CKXdOD0g3rWXqRpl4lsNf4+c=
@size 836
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_obfuscated_iex_services_security.yml
@sha tIaHelWIVmnivkq2e+RkgTJdd7hPZ1KWQElRqxikubU=
@size 1327
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_stdin_services_security.yml
@sha KWwIgJW5K/NwIlNOSzemecICIvy6tGB+pHTp4fZweng=
@size 952
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_var_services_security.yml
@sha 5hC8nwIzNRthpjAo0ulJG0lTv60pbsvHIY+Bmr95wl4=
@size 806
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_compress_services_security.yml
@sha PBzId2TcFe8kZ0j/OFbVOeJb5Bqa26ljqnnlJIS5laY=
@size 957
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_rundll_services_security.yml
@sha 1kKnGaj8GjMIKxSLORrdlSbDefhitKDADeLGawE/sv8=
@size 824
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_stdin_services_security.yml
@sha 9uIx9CyBSQgUPSQr5fy1rwrtgd0dVFKYpxwFaF3Dl88=
@size 844
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_use_clip_services_security.yml
@sha c+VmdnklupckRd0aEBBtb/t4b04bYzRX9Bo32F/ud2s=
@size 716
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_use_mshta_services_security.yml
@sha vQiLVD/5GpPCSThFNUW8TQ/2L/oYDSOiWowbKYo+YzI=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_use_rundll32_services_security.yml
@sha v3jL3S4/0Ur2ObdATo3u7Brp0+VuDhe9IiCZEbHmSxg=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_invoke_obfuscation_via_var_services_security.yml
@sha FxVgXxjr8ysLstZf65Nl+v/IYwqnSC89cWfuVYvY3HE=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_iso_mount.yml
@sha nQQ4ZJk7wupxxu9LxRNW1zYiHpD2XlzK2zwVT+VHKxw=
@size 1152
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_lm_namedpipe.yml
@sha inGDBMEV+7JJoon53Mc+rYuhNEOfjH5MSh0J5wvQnlo=
@size 1287
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_lolbas_execution_of_nltest.yml
@sha V0yye9T0F+SEi8/PMjWxey0+S0eZPOKVPi4J0xVzh5M=
@size 1046
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_lsass_access_non_system_account.yml
@sha dfTVDb9UZOnVt4ep6eeuYA5A1SfLe+SVZhh6qRCfM0c=
@size 1889
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_mal_wceaux_dll.yml
@sha 1WlC2CXuakASAIJzFshPZiDfZPjAyUdX0KV6jfctuT4=
@size 688
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_metasploit_authentication.yml
@sha 2ro80YyTHVwPJhLcKNBb4EPWhxcLiy6XwJrz03tXk+g=
@size 888
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_net_ntlm_downgrade.yml
@sha gNEhM/U/EsNAMZtiJz82OQb4i692y3qEiQViIGgtnrg=
@size 1048
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_net_share_obj_susp_desktop_ini.yml
@sha yhIjY25isTkiMV4v/COtmQUgI5pZnZHosloqD9MyPbE=
@size 921
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_new_or_renamed_user_account_with_dollar_sign.yml
@sha Taq6mL35RQ2oJ2N6eTasFTJ+IU0BITGhggAlV0KHky8=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_not_allowed_rdp_access.yml
@sha 5pbT25okeAXEnqIhhBnQ8/GWsCSzsNiQe3/C85Zn9xg=
@size 831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_overpass_the_hash.yml
@sha S4XgqJIQ/fvSI8eysFURdbMM9RPliqXd+dJB/Y9KrMI=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_pass_the_hash.yml
@sha +kPvMZQDkImIAaP81OvJl+uFv7xljZrexP8ioEkMVfw=
@size 1026
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_pass_the_hash_2.yml
@sha wcKSnbeCbY7d49TPnZzFmPZtYxpZem9c+OM7zU1sn64=
@size 1176
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_petitpotam_network_share.yml
@sha CW2B5ANkz9/Hu6KpnQvlD/XAcj23XOXWcOjP+gjqHN4=
@size 975
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_petitpotam_susp_tgt_request.yml
@sha E+mxprDsdAAG91d/5p4FBCLAtJEk7pWpatk23Ztyhb4=
@size 1778
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_possible_dc_shadow.yml
@sha 3owuVamUDUKtZOQcIXUveBDnhbc9URZ+rSb7ocQcBp8=
@size 1016
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_privesc_cve_2020_1472.yml
@sha J3ppSPUIa44GRQRxwGazKhGFnFJXeit3FEwyuC6ayKM=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_protected_storage_service_access.yml
@sha nBLGOw3sjm0nz9jqNGlvqEpOhNuhBYF6PNzeuXziJ/A=
@size 721
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_rare_schtasks_creations.yml
@sha e5WGlMKttOY3sUC1tHw0u8uZ4Th7gcEjuS9W+nGAl6c=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_rdp_bluekeep_poc_scanner.yml
@sha Hmb8zsldfFEtLTuFIlJShTEy85BaaKblMLPqESzfO9A=
@size 738
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_rdp_localhost_login.yml
@sha WvUnMmVBu/ar+iaQeBWMQlme96KKZH/ZQW3Y9GGQI4k=
@size 698
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_rdp_reverse_tunnel.yml
@sha FcpVREEx+MqMTMUk03++mtY6taJHUdHRVT/Kj9eeojw=
@size 1248
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_register_new_logon_process_by_rubeus.yml
@sha /yETBqmFw7PHLqAcafOW3GKp5U7UT1+JWMaFqHz+8hE=
@size 739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_remote_powershell_session.yml
@sha 5yEx9EXny6WI5k+VHv4XxZr9cjqPGL4n96nkprkVcLI=
@size 765
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_remote_registry_management_using_reg_utility.yml
@sha hCV3ZN4YsPQhG8FfAD5tEbr/UawKbzadgrZdGGWMc5s=
@size 863
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_sam_registry_hive_handle_request.yml
@sha dy9GThW3kADTBF1+WqwzSNGHRln06789n0w5EQrlRLI=
@size 734
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_samaccountname_spoofing_cve_2021_42287.yml
@sha z5cad+3yuxcFsSCH5TH5nIlfnStgoeL2rH/ZAu1IGIw=
@size 801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_scheduled_task_deletion.yml
@sha xb7PiOr38QjwHbhpcJEXHklnpS2/qHH5liK35zDP2o8=
@size 1496
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_scm_database_handle_failure.yml
@sha g6wXR7y0Hp60CB/YI06eKzuYOQkZ9Z+ZrDsvNXZo1Qs=
@size 796
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_scm_database_privileged_operation.yml
@sha vUSmqtCdSEYgIqhLk52GIqZIyEErDHW3xq9IXrql3F8=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_scrcons_remote_wmi_scripteventconsumer.yml
@sha X7EkSZyOdzYcc7u0ilumVHPXLFC+UIEa4X6NiYfFKmo=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_cobaltstrike_service_installs.yml
@sha CBSnPeIW+95lo8urZ2XK+VZeDbYZ+XuK7khTG3AOQ/s=
@size 1419
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_mal_creddumper.yml
@sha /bR3BIj0QLvlM4LDYFzVviFWGwkPItiZwDNLQW5orcE=
@size 1171
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_mal_service_installs.yml
@sha y5QuQvQRazmvc9OdMteDQbyGLozbu4V8jVaNgHADhCI=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_metasploit_or_impacket_smb_psexec_service_install.yml
@sha M6LaQCAfwFwIfW/Z+QTsPF6eDT9KTKyLIOpmzFud6uU=
@size 1354
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_meterpreter_or_cobaltstrike_getsystem_service_install.yml
@sha 9IW6qoLZHfMHEVADMW+H/2Tb6awCT/QwdhbdOADDcsI=
@size 1905
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_powershell_script_installed_as_service.yml
@sha sb46QMmzrlV7x6ECckrG32Bu7axoD7k/EodPqjqhQxE=
@size 711
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_tap_driver_installation.yml
@sha zczHrEycwajOG8Xlm0LWGfEDmaSht+E3EA2RSWeftX4=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_security_wmi_persistence.yml
@sha b88w9t8jg4aSvCvjohsbHeHG3RwiByJwQs0Yg++8v2c=
@size 913
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_smb_file_creation_admin_shares.yml
@sha HoRIkSVVOYQFCCSv2ltl90EZ/DIh3bB4nEgLHdEq+Eo=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_add_domain_trust.yml
@sha cxuoTMe/izmkYD0U1QhYxRavF1hqnd+zp07RGAlYggY=
@size 464
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_add_sid_history.yml
@sha QkWTmrgwpD8KPC61JAevWEUyxj1K3JRynfsfZqr15GE=
@size 856
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_codeintegrity_check_failure.yml
@sha dgALLnAbzHRdmUd/bSZZI+Nz6HLBQZD39zK4FHX/W60=
@size 494
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_dsrm_password_change.yml
@sha Sh5Q7bvmv9bq2hGjGasp7Gi3QNog2kLw1iqDtBRXxWM=
@size 666
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_eventlog_cleared.yml
@sha 3xSPyp6DiW8d+HBwx0LgXN0/ZcaKT2fnIRo+X4AW9yk=
@size 1092
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logon_reasons.yml
@sha EJ/1mjmlMNMvui6l8K3U5qJ1Pp/CZ2pwUzFD8acNalE=
@size 1642
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logon_source.yml
@sha VT5Dq6eF4KQ8shKvIpBYD4nzXTLsaJ2gZsxqalWjI0M=
@size 1277
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_explicit_credentials.yml
@sha F0VepWOCLSaV82ymQ9fCvx67I8+AF6tYovuC6poMI48=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_process.yml
@sha FJSKuO/YukEq0Bxb950aNGb/NTvjvfwbuZ5fL7Si9hE=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source.yml
@sha pVTYYmTzlWJPDwxWpefzjP0VUTT7h6BRiUOzGpk7UYU=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source2.yml
@sha QNytQrgfRRs85ZwhS3WPMSS9Mwg4Cw83IgSukCKKILk=
@size 833
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source_kerberos.yml
@sha 31PNWsFhW+qEkX+pKDYHYa4ooEvw89sql9YYVqNLMe4=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source_kerberos2.yml
@sha fdj9fkJD/4iap9nAEtUssadKlvWzHJB1aETPF3+2Xdk=
@size 1003
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source_kerberos3.yml
@sha z3SuxNwsawsnBELo7+FLcW64FVzVP4UEx+j7p8/1w2g=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source_ntlm.yml
@sha bCUZrgRz4c/Nvjg+E4vI+ogSnaPcPRw1nE5qQ6jd354=
@size 1002
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_logons_single_source_ntlm2.yml
@sha 7LaFAq0udMb+3w1JR1ziTVp32BFJPIBOimAhZsEc1+U=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_failed_remote_logons_single_source.yml
@sha rcvAAKeBEP8GxT8m/nDjF7kQrVYNcVuSP/OYBpUduSI=
@size 910
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_interactive_logons.yml
@sha iEA1SfYv2eSth0fETpBbV6AOhSefs/wQrrfYsxRjeCI=
@size 692
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_kerberos_manipulation.yml
@sha NPD2auHRL5UnfgxdVZNZvAYQJoHM9Qqv+C14ZbbwhZc=
@size 987
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_krbrelayup.yml
@sha IDqaF0QPa3F9yxJxQzRwB7pdkJRED6NV16ZKDNECI6k=
@size 968
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_ldap_dataexchange.yml
@sha F1gs5sRCd4x2V6439TzcvCrUMBbbjKMaRQ1/Z7l8EPU=
@size 1084
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_local_anon_logon_created.yml
@sha HGta9FdOmncTqzs5bCLbeIZ0pDfy109lOqLlFaO349M=
@size 822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_logon_explicit_credentials.yml
@sha PEz3Ahi07fHGQT7tZJcMf2hbbyIYUEH0tabYQOq9cB8=
@size 996
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_lsass_dump.yml
@sha 9d29PMTENTgOx7mZ0RDGNa7tXNnldTkZ97HgPsqmiKg=
@size 664
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_lsass_dump_generic.yml
@sha TLkvVZ8WBlEi4xZlEtYzKshO6sS/x11esDI/ECd2EJQ=
@size 2991
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_multiple_files_renamed_or_deleted.yml
@sha amQ9teeKzKMWll3AB+yUNOv25zXlO+Yqa/kyxGjKHWc=
@size 1042
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_net_recon_activity.yml
@sha e8mttMV+rpVO3F6Fm5pa8iYrFFK/lGvwnG4P3e66c1w=
@size 1092
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_opened_encrypted_zip.yml
@sha eEMGepFbbSOSm2XLC8rAkdPho2hNBa6BveFzFslLkdI=
@size 801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_opened_encrypted_zip_filename.yml
@sha b6pAA3DpcMXOSxUJLITFlHw2tYo7OG+LtP38ChZW2bM=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_opened_encrypted_zip_outlook.yml
@sha BQmbpjkmBDA1zd3Sl0NCPormC+V+b2v2cMtdm5Fiwgc=
@size 734
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_outbound_kerberos_connection.yml
@sha XWRfGrl6bAg+tyTOmS0dfFNyy1ACMd1jddlHs7PLmp4=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_psexec.yml
@sha 5tKD8BseCCf9eRB12dbo/Nf++/x8i8o5NCm13+tWghs=
@size 995
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_raccess_sensitive_fext.yml
@sha H9cNrM5ypcbSdN1/Sm71ZO8LqKGJg/qh9UuqF09esu4=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_rc4_kerberos.yml
@sha 395RPvIUhT2Ordd0YrGqasWOvPTpUlwk/ztgSB9TazM=
@size 861
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_rottenpotato.yml
@sha /PcwAYigbxgOJCMytMy3MmRs/ION3dYZnQX4w16Dhj0=
@size 768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_samr_pwset.yml
@sha h5iazCSkgLgjbilgQp/HfsGtSXf47hepyy7o0Oy5zh0=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_sdelete.yml
@sha UZgvUZ0G14tc7BSeNFM5zmvHGXLVsy4ZypW3oyScOzY=
@size 852
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_time_modification.yml
@sha cbbe2yeWr9Dci8CCzd8z/oMBpV1VUq6YF5wVf77PgaU=
@size 1338
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_susp_wmi_login.yml
@sha 64jM55yZoK+iPxQsnMLWI8QCH7RgW8ygc9Pu53vx4rw=
@size 479
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_svcctl_remote_service.yml
@sha +VqmuLOqjuhfEitLNLXN9sXkGF6H+SbBYryqgtGnvpE=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_syskey_registry_access.yml
@sha bV5SJK+6vsd+dpn5kmvbDTeWd3rcXLLXnvhZ00fZLHg=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_sysmon_channel_reference_deletion.yml
@sha 3HWR8ncP+n2sfVCPccW8FqmJxj3V4dgqU5cZ4D8xDOg=
@size 1204
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_transferring_files_with_credential_data_via_network_shares.yml
@sha k2VbjwxORCf1SEPbIwxaa4tYFEeFsl1543rzIONamSU=
@size 1017
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_user_added_to_local_administrators.yml
@sha urbXU8HHZ7UAFB92MqFE3Bd/JTIuJMB+rK9B6C2DGGQ=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_user_couldnt_call_privileged_service_lsaregisterlogonprocess.yml
@sha 5JSvKoxOXSA1oQrVRIA7mj9J+Dsy3PIQX99Ii3p+Ncs=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_user_creation.yml
@sha VHlQVoQrV+jsvnjqMxAOHpfLctm4yV8P4O5A9gN7p7o=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_user_driver_loaded.yml
@sha UoXI7/6Tgu/LHrORQfN1OnKhlRI041LRwX0+PIQwXRs=
@size 2025
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_vssaudit_secevent_source_registration.yml
@sha m+mFqqGeKpjqQHDS37Azp7HgkPqH5lT+5i9x17AAwlQ=
@size 973
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/security/win_wmiprvse_wbemcomn_dll_hijack.yml
@sha x1tB5DgUMLtDxnb+8LwbdhzFV8U9W0LMAZ1yJXgMYps=
@size 892
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/servicebus/
opensearch/opensearch-security-analytics/rules/windows/builtin/servicebus/win_hybridconnectionmgr_svc_running.yml
@sha RnGNDGL7fJf76spa8KddYw7IhgJp65BhVL3Jgv3Qmk0=
@size 859
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/smbclient/
opensearch/opensearch-security-analytics/rules/windows/builtin/smbclient/win_susp_failed_guest_logon.yml
@sha C7Xg6lP1ewevhvaP5qw7FLuzxmtFtwSJp2Ay3qFp2Rg=
@size 932
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_apt_carbonpaper_turla.yml
@sha 1cOEaR63pZ3jpNtK/E8gv6RlJbPhQCfxIA6yuSyC6n8=
@size 708
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_apt_chafer_mar18_system.yml
@sha KNYEdwonb5iJAvQmEwhXzaACeQYvsub5i8ql1CFp0VI=
@size 943
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_apt_stonedrill.yml
@sha zpomBmy8pvHxvWuGBjwm7uQ7gNZuQLp7F3IgI41a/MU=
@size 730
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_apt_turla_service_png.yml
@sha LuxBkjYJi8L+wVg94KuhXxJAHDszno09EyepzQ+4orc=
@size 689
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_cobaltstrike_service_installs.yml
@sha AGkD1RoNol/vZX1ekVcQbeIphBomtCBNhEY2xkcw1bE=
@size 1417
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_eventlog_cleared.yml
@sha kF0ax4tAOOqxiv/hcsvpU9BHI/uSR2brfMxWrkXWSL8=
@size 1062
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_hack_smbexec.yml
@sha MdI2IyF0gk55QsuD70fj7CK4lJyuqHHaHggBFh8muRM=
@size 764
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_clip_services.yml
@sha Hy8prQBOi93GbazwcU7tgV55bKpHLn8ZsA/FEQw4aOc=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_obfuscated_iex_services.yml
@sha xOE55LvYEVDpq6GQZFdBG/j9rgMAz0+KVHSn4IwXflA=
@size 1197
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_stdin_services.yml
@sha xIpe8Ph/N7DK1ds3l/JhYoGGukxwS731bBPy+05cRfQ=
@size 729
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_var_services.yml
@sha JQw66F8SnSeM05O4qxL439VxShgYdQGq3rmFPgZvHcY=
@size 771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_compress_services.yml
@sha HiwPe9cbP1ymiIh6EGXZY2rukLsXy948sk/52o58BZ8=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_rundll_services.yml
@sha uCu48e1MCl/bBiz4NtWzirR2H5sj70IPC2LVQ3oQrUE=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_stdin_services.yml
@sha tbIqRqKRLix4CzeOtLo3o6glLm5PJPRYj2AUXdcVb+E=
@size 703
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_use_clip_services.yml
@sha oQmJEkc8lxbLNqM30GcrBs9MuXhNi6jAzWzNqlrPEpE=
@size 681
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_use_mshta_services.yml
@sha vXWI/r5+OyN/mlBKIhzm13YyhrNSPDDZMpmbUkbTcm8=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_use_rundll32_services.yml
@sha Ci931PjxWb1ZXEq/cOpviZVW6IlKwm0OKgllbDzD5CY=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_invoke_obfuscation_via_var_services.yml
@sha 1hpIVhyhWru9kSCx583NO5g+KkBjQErNp2poXNsxyqA=
@size 738
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_lsasrv_ntlmv1.yml
@sha nqBiLrHC2yVaAyqN9GC0eXHGWOos0dUhS35bJD9+PMY=
@size 647
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_mal_creddumper.yml
@sha KjVahBHsaQHolGMhk1kyw5yylUVmdh1C8GxJxbB+mnU=
@size 1136
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_meterpreter_or_cobaltstrike_getsystem_service_installation.yml
@sha LgSFoYe0dGmbgrlXvXmNO2XqYiVhvWA4E7hfcrSULak=
@size 1969
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_moriya_rootkit.yml
@sha R7lvWoD6XIIbHJnvipdmxRS9GX6ZlI/FUdZZHA0XyLo=
@size 678
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_ntfs_vuln_exploit.yml
@sha yRjRzlJFQo8oLJAWE2NPTc1Uiz/Icinenm2lRvfs4eU=
@size 927
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_pcap_drivers.yml
@sha QjDH+105NoXKWoOkNjtxICjgNQZr/LT9eL65IQ8Sbi0=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_possible_zerologon_exploitation_using_wellknown_tools.yml
@sha GMY0yuyW3Nyv2SSQW8PRPMg9ZKAi8dX41Eh1C9/JEPY=
@size 837
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_powershell_script_installed_as_service.yml
@sha jmdeslHvlEiiTHdlijGbSq9FUy/rzGftITby8U8wEZs=
@size 676
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_quarkspwdump_clearing_hive_access_history.yml
@sha zfe+UY4eG+H+66bcfY7PgzeRnGi8vnq+s/tMP2DguxQ=
@size 565
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_rare_service_installs.yml
@sha H6owod28Q9mTIgsAJkPNdnsGET60RiwU83iLpN+EnDE=
@size 674
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_rdp_potential_cve_2019_0708.yml
@sha EvxOVBko7ndlSRKfVnice6zWIKBYl3G5IZ4AS75Fbkg=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_sample_rule.yml
@sha 5RqSaZVMtxHE2G9khb9IXpohx3wX15BcNZbBLaBmoE8=
@size 603
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_security_krbrelayup_service_installation.yml
@sha BpI/bM16EWsyiJO4dkzd09mvzId2cvoqiBf595vFpCg=
@size 638
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_service_hacktools.yml
@sha AGkfkk41vPunziyEKp0o4NugBzbVMqSw9cRy4+bPQHo=
@size 933
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_service_install_susp_double_ampersand.yml
@sha 58b6Dfy21gcG4WAZj/+8RaoJfeo65U2AfxrS3euV9Ww=
@size 601
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_dhcp_config.yml
@sha VBDygXgBq4hpnu1f6lFaHP0bOfj8oigmFA4+GkJQfW0=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_dhcp_config_failed.yml
@sha RGh43AwLbrB4+GfE7RHnfiySh3UUeT1MCa2bF2HhP48=
@size 897
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_proceshacker.yml
@sha w87oWBP/l8TLGKIAfawSMcO+ntsi79mTXqcR0YhAXsM=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_sam_dump.yml
@sha mZ+tteA4ZuB/9OY7WidV9iFYpp1DxJmDcQ3vnWhcS5I=
@size 644
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_service_installation.yml
@sha zdq9E4i1uwUYri51hwVBM6drLq5wRhVQgHbG6S2aa2M=
@size 1429
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_service_installation_folder.yml
@sha qWzrtJoTpVwQZTHhcqME1Jn1lj3J7CZR002ksOiYemc=
@size 642
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_service_installation_folder_pattern.yml
@sha viAG/rh/JdE8blvUqtLUhYwOKp6Pd9rn8CibE0vPAfE=
@size 685
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_service_installation_script.yml
@sha 63fe3G5zuSuZF+PaIAtISZlwv64K7tikpZXkl91HShA=
@size 730
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_susp_system_update_error.yml
@sha H6+lDRamEfhAtRMY1DJ0SkfriZkbX+ljq+0jni0Ak5U=
@size 1101
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_system_application_sysmon_crash.yml
@sha jVoL0aix7MAkjqWw4FodSIwInhjFcXaBtjP7Si7xKT0=
@size 489
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_system_defender_disabled.yml
@sha VcczRJKpHSp/kipzbZJq1ROAiai5SFvU/q684UrdaLM=
@size 1080
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_system_susp_eventlog_cleared.yml
@sha TtMMohl/2bFjoOzHS3JLMGkSXutelb2rEXNcY8S+Xkg=
@size 1106
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_tap_driver_installation.yml
@sha 4rtE9Y7z7tjZJfz6fR5QzisVDZWLbwxIf0n73KqFUPo=
@size 644
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_tool_psexec.yml
@sha TJWvxV6iz57H17/FWSA+OSJc/udrv1yMKWqFwoRtGLc=
@size 996
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_volume_shadow_copy_mount.yml
@sha cMAakz8K7gmJJ1Bs+RRFng1GB8/RTZqe7favgLeb6eA=
@size 767
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_vul_cve_2020_1472.yml
@sha VOBH8BhU9U38NhjFa+ZePFjBPC19d27ehuqcg6nQrOA=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/system/win_vul_cve_2021_42278_or_cve_2021_42287.yml
@sha U/tlSzZhcU3ihMxp4RH7Nh+t922n1dAFamHgbHAgxbA=
@size 1153
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/taskscheduler/
opensearch/opensearch-security-analytics/rules/windows/builtin/taskscheduler/win_rare_schtask_creation.yml
@sha Ytxf3BbwY534WHTpmhVseUZB4cxNBNt387dJ+4jNaIg=
@size 724
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/terminalservices/
opensearch/opensearch-security-analytics/rules/windows/builtin/terminalservices/win_terminalservices_rdp_ngrok.yml
@sha zUrLX+sZXPAd6TzR+4Yr5IRf/EwELjyOHab4KNbOorI=
@size 717
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/win_alert_mimikatz_keywords.yml
@sha c9GTzA2Wx9XBKHZmhfgLSw/iON2yVEIEkQ6wnLgI2Rk=
@size 1553
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/win_susp_logon_newcredentials.yml
@sha Xj8Tezwi9yh53eTeOh6ls8tQzU0p3dCz3XDcJZaY2sc=
@size 508
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_alert_lsass_access.yml
@sha NmDFt5LwirqU8CvPlilc60shF21AcwqnRPSAT1yjLsQ=
@size 1804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_amsi_trigger.yml
@sha Y315wglPXAJwdwlsfyAr4DLkfmf9mUiC6SmcCVGBO9w=
@size 553
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_disabled.yml
@sha /6FUw0qwkNNmXN9NUhovs6qjZDZpsTe4HWhx3WeSRzI=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_exclusions.yml
@sha oqTUo/JfffU1ToHjRQyHBZYo7DQwfWc+NqODDkCF81A=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_history_delete.yml
@sha Eja4T7ie0IK+JGTsryjjGx3/QQB9uUs5nx3ZhP8uU10=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_psexec_wmi_asr.yml
@sha /6iSj2JKZ7pcTte4U3YDvwtINxS5GxLPMab0+rAi4R8=
@size 1071
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_tamper_protection_trigger.yml
@sha kJEUdY6uUwv3eeA6/ZPY3P2BaWntYNkxnzqXFMcxngQ=
@size 760
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/windefend/win_defender_threat.yml
@sha /R+zRUii+JqoD4UftL2ZLrwfkkMIz6s/wLcakJEUmWw=
@size 667
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/builtin/wmi/
opensearch/opensearch-security-analytics/rules/windows/builtin/wmi/win_wmi_persistence.yml
@sha l7uW2YOhJiP+xnV9EGZLPbB6AG1JqwuAdH5NSzYWJLs=
@size 1484
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/create_remote_thread_win_susp_targets.yml
@sha Xq1Xoros1ZkqLNkIxGb03iCGoFrbv07lN9J/wUpz1gA=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/create_remote_thread_win_ttdinjec.yml
@sha Jjx6bNG/Uez8gk12kHhhUBUguRxE1FS7GxZ9xGyzO7M=
@size 563
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_cactustorch.yml
@sha viXg1mda4toG6tlPlEVt7I1AInJw32SKy//KFHx1hLQ=
@size 997
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_cobaltstrike_process_injection.yml
@sha aw+gaYcOvpLIXSjnJq97E8Y7ptA/Edx8t/6C+esItV4=
@size 844
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_createremotethread_loadlibrary.yml
@sha cuI+qsoDfCa7/WDt9J4l9gnzTs1caSEKmzN/GfHnkTg=
@size 680
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_password_dumper_keepass.yml
@sha gGx/D5EEGAWn89HiICk15mSRCgPFR4APJBQ5Fjdtb6U=
@size 650
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_password_dumper_lsass.yml
@sha 2rsR33LdKTLjGPFd3jpckF/+k7AH19tXqBtAs1wk6FE=
@size 821
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_powershell_code_injection.yml
@sha 9ULWj8czi/A8Jd7ijr4O703Y3w9Z5tImCc9fLSfW/94=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_susp_powershell_rundll32.yml
@sha xOnpbYLSNrREzhz4UwAijAMhx3BbHqO2529qXNu4jNA=
@size 724
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_remote_thread/sysmon_susp_remote_thread.yml
@sha hEXYOILBoqTih1P3q2DNIOhCXosoysO1R8H4POBtCGU=
@size 3278
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_stream_hash/
opensearch/opensearch-security-analytics/rules/windows/create_stream_hash/sysmon_ads_executable.yml
@sha YAQOAsJPdB3/RDKQ4DHZwwRzM8yNZKm1nDZ7h7KHdsk=
@size 782
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/create_stream_hash/sysmon_regedit_export_to_ads.yml
@sha IVC45NKp78cPHUOtKb/Kc3W+jnwfOn5Vm3w0dM3YFXc=
@size 729
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_ammyy.yml
@sha hFghwvPEq6UrnZKHD1qbFnUc/YpwWoKg5QBdtyTLrA4=
@size 1125
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_gotoopener.yml
@sha ZS77XR7bW4JEct8oc1tSgH4fEso6TMtTjBjcgUd9ZLE=
@size 1083
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_hybridconnectionmgr_servicebus.yml
@sha 0xZaRL60F1hvNPezDxNuK0KYkVS3E/hFu2YlS/I9xe4=
@size 767
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_lobas_appinstaller.yml
@sha 4i8G0ojh0k4uRGxdTWg51WBHjuywnBdGdPheLRrjSv0=
@size 751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_logmein.yml
@sha YTaiM2dy+T0pLt2MkRaqAzROsYNVbF972wvgFzT+9vg=
@size 1137
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_mal_cobaltstrike.yml
@sha zYpxjAvhzL7WkKXMUNrkEZ5b82EJheFSobjipNxJ+W0=
@size 803
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_mega_nz.yml
@sha ERS9hupqiF/ExkQAh3N++WGq64h8PIZK99shmQ5TrSw=
@size 631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_possible_dns_rebinding.yml
@sha omg0zT4mxmoh8fzt4KIzau73uJeeRdzsJReOUnw+aJU=
@size 1343
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_regsvr32_network_activity.yml
@sha aHmmViG85edIoqmHZUBO2Ab7SWVZgBINLHpX2ntgrFg=
@size 976
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_susp_ipify.yml
@sha jw2y/lnHjExxfu20Xaoh81I22hqcrb6yTdBJ/gYweu8=
@size 1467
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_susp_teamviewer.yml
@sha lnj7JD6uLBVCYPbNrhoPvZd6IUmoFHPHzN8MVu7vCwU=
@size 855
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_tor_onion.yml
@sha 8RYGGa/oQb4J2xooQzKrtX0LROhTfQMwR2kB0mXWSCw=
@size 548
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/dns_query/dns_query_win_ufile_io.yml
@sha TIlvo3J3cbaG03Bcdh9KqQ+ohBcUUOHWZTx5DVCTy44=
@size 565
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_mal_creddumper.yml
@sha xaStul1eTATQQkLwaRvgKz/o4BSHFoYSwCzziGJQwTU=
@size 1153
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_meterpreter_or_cobaltstrike_getsystem_service_installation.yml
@sha urw0GbWSc7W4ja3GArPyLQW9/6BtFMcQigdSKh9r2ns=
@size 1822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_powershell_script_installed_as_service.yml
@sha SsC0wKtwDvdgR8xTepqCWegv/KMp4nWPxIXaNgG3g9I=
@size 685
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_susp_temp_use.yml
@sha GfSE3fSHU7zf8PVqjOiKRqG1BOu87JIuHiU+JWRP28E=
@size 553
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_vuln_dell_driver.yml
@sha TXYsa84q3pApkEf7HlAmY1vHyfeTXbBsmH58iz7NlPA=
@size 1182
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/driver_load/driver_load_windivert.yml
@sha 9inuY48/Ki+sfTD1RUPPJWUTcNUPkVx9OqxCaxqeJuI=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_access/
opensearch/opensearch-security-analytics/rules/windows/file_access/file_access_win_browser_credential_stealing.yml
@sha AMFmKisMV0T3uouhPeY1l39jMBmJN6kU+Vq0549f+eM=
@size 1650
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_delete/
opensearch/opensearch-security-analytics/rules/windows/file_delete/file_delete_win_cve_2021_1675_printspooler_del.yml
@sha zeeI302VbNSPld96vhj+fXnFn8fEqY4yiAK6QCbkA24=
@size 749
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_delete/file_delete_win_delete_appli_log.yml
@sha cVdXQXqn9devtGJyvA+vI6jgNcgFBsGgvchs4/6BPvY=
@size 693
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_delete/file_delete_win_delete_backup_file.yml
@sha mnbhMwlpt2PhQqlvvqJLMBykiJaKxMgbZvV8az9xlXs=
@size 836
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_delete/file_delete_win_delete_prefetch.yml
@sha wS8DmiBUb9hNcH7piMIEwyeg1ucmtWgOSoixjAK92M0=
@size 713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_delete/file_delete_win_sysinternals_sdelete_file_deletion.yml
@sha DIKksFt+GnSTx/Hcn11Qrbx8y2tlrto1+DBt3xKIrto=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_access_susp_unattend_xml.yml
@sha aLaQuTaQrAdil1cuGwHcFvHk9dyEpHR3lQhh8P35LcU=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_advanced_ip_scanner.yml
@sha E1LanhyDBTjJdCuGoBXgLOHg0SO2trNzurZ2srNpiC8=
@size 1127
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_anydesk_artefact.yml
@sha KvzwT9Bg5RC9tergfI/MYVDx8d37ds1pXq3vxUOMfmQ=
@size 1262
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_apt_unidentified_nov_18.yml
@sha f1rx+vrIJnD4hMm4xRM+xBgzTrYWyUPD+RzZG8MUb0E=
@size 755
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_crackmapexec_patterns.yml
@sha PP0z0FcMM8rtFv4+9X6bZur8d5i/nYnzS87tz6vKayM=
@size 1567
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_creation_new_shim_database.yml
@sha smVuoSVQIsQNQ1Wws+MB8IZSpqRGw508QyYAcKFDqj0=
@size 982
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_creation_scr_binary_file.yml
@sha qD/jMHgEi64Tp8z6bV3/QVhu2TQHZ68gYjaYWr8WJLg=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_creation_system_file.yml
@sha fRIMfPbhj1HDLhOQEdlHoWhn8s6zc/EmsGw4TuBJcKw=
@size 1948
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_creation_unquoted_service_path.yml
@sha LPlarbUR6YE3zs9jQKLcWnbbR7PsgSLramXPTcgmDls=
@size 835
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cred_dump_tools_dropped_files.yml
@sha wjqwvGHFHizmX1HZIpNUnoBN3YeOUVgRpqfSk41eVbE=
@size 1329
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_csharp_compile_artefact.yml
@sha MAALhjCUXr/z0TyV5POyibUEtvPqt85zDu5pSNB68Uk=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2021_1675_printspooler.yml
@sha A/cpHGzzBKWW/qLeuGG+tLW7Vho/78nF6YG+VDXkw5A=
@size 868
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2021_26858_msexchange.yml
@sha MxuoW8YNd+GuiMeV09eI8ns790aJy0s2LAGtaaCs9v0=
@size 1046
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2021_31979_cve_2021_33771_exploits.yml
@sha waNgG0YCtcqkeYJSAAUu3C63fCZtw6nLoA0rUu2up+k=
@size 1618
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2021_41379_msi_lpe.yml
@sha oilDsdyCqQWK5QH71h5VKxkeRMS21kcSBtgHr1fdNXo=
@size 930
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2021_44077_poc_default_files.yml
@sha ofHbn5NdmsAyRBTOpj1ul3jV+svngaREsvGaCyWkhnE=
@size 832
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_cve_2022_24527_lpe.yml
@sha 2SzDsQmvHxNJxa4oh7iQ64CkB0JbGzN9fqXuJuPcOLQ=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_detect_powerup_dllhijacking.yml
@sha sg1YXIqYiTJurRhm0hoOQ+ibdiwOyLYsMHUdgFZ9P38=
@size 928
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_ghostpack_safetykatz.yml
@sha Dnsp/fHxIdyRRYKiAUH9ZHazwmKT9xUcwfjwoQJT18U=
@size 493
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_gotoopener_artefact.yml
@sha GjD8BIXPxs/+6NXlhKC2cpsEsy9Xs9CnWMo8YeG+9jU=
@size 1201
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_hack_dumpert.yml
@sha rqdIuVzOrdAkHsg6ef70EKz8xG4gz2dJ/au62/WULl4=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_hivenightmare_file_exports.yml
@sha gfQ/8Se0rOUPSytjStAFkeWUOf71p+Dp7orzYeljBAY=
@size 1172
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_hktl_nppspy.yml
@sha qc8/oGIzWM+E4aTnYEQs0wl0CoUiELUHZHZ3WRG98A4=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_install_teamviewer_desktop.yml
@sha 9KI+HTlWBqPyaFe/QAjuvkskn557q+sFNfKrLiWgJYk=
@size 604
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_iso_file_recent.yml
@sha l8zk0JC0/GTYKxvtT2KSung/TldzssvEZv8xodof+XQ=
@size 1280
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_lsass_dump.yml
@sha N3+AuceWW6hESq2EVdhT3ZM0KeH5vk5iSadclI7iOVc=
@size 1704
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_lsass_memory_dump_file_creation.yml
@sha qtU1bvoNQUHHbUdf3WRokTQ4hTm1X6p94lusAsgE9BM=
@size 968
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_lsass_werfault_dump.yml
@sha Ekn99nq1LzQxaq8CWC3feEsLzPvXzXWeujd1AHeLdLI=
@size 703
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_macro_file.yml
@sha jXlDIbHAyGk9scIIgaVyzAMtQIrC5zHGZCp3PlmZfFg=
@size 998
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_mal_adwind.yml
@sha l1xVDioJzsz8mPcoqjXMGAd7/iGQe3x+v+8TJYoZDpY=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_mal_octopus_scanner.yml
@sha oMeYnwRu4lR6ggqmBfPFsSS1moJiE39P8BYtf8JhbZU=
@size 600
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_mal_vhd_download.yml
@sha E3XJNgnzHFmaHbF3L6Cer7jHSSjk4Pee5g7O3+lgzkE=
@size 1368
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_mimikatz_kirbi_file_creation.yml
@sha rFQmyH+UhWA5sdWz88a+vZnXDg3+o2z9ztxPo4gbPqY=
@size 580
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_mimimaktz_memssp_log_file.yml
@sha jKqb7TU3nczm00hjmQe0cP+MKIAlzj3PCm8xjrtTMaA=
@size 553
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_moriya_rootkit.yml
@sha Qjv/y83ZnbP2ouuwFRMX/MV7vxC4bmq7ox55CL9X+BU=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_new_src_file.yml
@sha 8dfDIercJRWCO/GeSzPyimmzmSEmv0EH3eZoLa1vABY=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_notepad_plus_plus_persistence.yml
@sha BodIQx8J8V2IjpDwd8cT9lNa8xt9H8Vqto2CM5MA5TE=
@size 1187
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_ntds_dit.yml
@sha 0Q7/B8W/hvi7OB9FacnO5Nl1rYHB74sOZUx1J7/yt7I=
@size 1465
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_ntds_exfil_tools.yml
@sha QQRVtmhbnGavE4aWAvvexA0zyWfWqSTx2/JP2+8xmMc=
@size 1161
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_office_persistence.yml
@sha NQdYRuaP5vyMBqxLXOW404ocdMB+dAuPlUX3cuAM7dU=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_outlook_c2_macro_creation.yml
@sha USxhg6VOhkwScxRR1HRoQ0j/kI5C/I+OeQsH7NaLKoU=
@size 851
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_outlook_newform.yml
@sha t+FIv9trEZVFIZX6NcvXFon+JhWhymL7fRgVf8SEYiQ=
@size 667
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_pcre_net_temp_file.yml
@sha IX8wvWrBg9RYMmAF8VG+W2IsgB0v1IjgMa9T3jv6ofM=
@size 702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_pingback_backdoor.yml
@sha yh6es5kv1BtVzMpQxelVSgR0l/tQjPfSrcuefE/un8Y=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_powershell_exploit_scripts.yml
@sha VMSPAwYA9ulSuUhzEhyPSRQB1xjwcfffNBXd2BT6Mng=
@size 7293
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_powershell_startup_shortcuts.yml
@sha YAqKvA9Cx3LWAWeKyog295juo0+ib3368btNppJQTus=
@size 1519
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_quarkspw_filedump.yml
@sha gLjkfCSPx9tMd3e9EKsUZ6GYF/si/OUWdlANlgL3EMo=
@size 631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_rclone_exec_file.yml
@sha evjDwLuHkR38D+SMJC9YHjmtaBjnN0QTypzSSIsEoyM=
@size 676
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_redmimicry_winnti_filedrop.yml
@sha s61+ZBNtn1myD5gPOb4lFfmoCZDdQrCu/YEyZb85IJc=
@size 569
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_sam_dump.yml
@sha 35q2m1WbYD1/hOWddzcgP/3sVV6LRZnk09TlQ85X4lI=
@size 1541
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_screenconnect_artefact.yml
@sha aaaoiSwzvEU2HmnDthHA7eDP/+jMf4kU7B1V606J8yM=
@size 1204
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_script_creation_by_office_using_file_ext.yml
@sha 3k3t1wz66JkJpO9ADHCzZMb3gKMVuobeNt3IbeuzdIs=
@size 1918
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_startup_folder_file_write.yml
@sha Z6o0kmrlnnkln73soJKQs8SSF37Los/dS+ZTNoYKv8M=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_adsi_cache_usage.yml
@sha lznlr3l3dF5y6eZhJA/dl7cruzOsInrRfN2pizxiEVU=
@size 1613
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_clr_logs.yml
@sha sng7610ckhCOJbDZgKipud31K5FJvd3tm495LBogpqA=
@size 1445
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_colorcpl.yml
@sha QuDAyha+qN583iO5FEvuxA0dL8rSJ3p4E9Nb7Gk7gX0=
@size 673
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_creation_by_mobsync.yml
@sha /U0F1VSgHcrSyaaV4oHQ91HnG0XD4c9CFPnvS5CCv6U=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_default_gpo_dir_write.yml
@sha BsDmB1o0Jcf2goYnBkx/tEUxRw47q7SbUuLlI8cIDrM=
@size 698
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_desktop_ini.yml
@sha niKGXts3UUKC7PV0coMUvjIwqK/i8rGLGYH7GYy7+cw=
@size 924
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_desktop_txt.yml
@sha b6RsX3EVcibuTxF2lEkI3GfLtsaBFDPtIVkfAMk/QTQ=
@size 660
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_desktopimgdownldr_file.yml
@sha lnpZKRYn7nrmxsWUlVUfp4ylLLGeHZGANUYf9yLHxOk=
@size 1080
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_diagcab.yml
@sha SrsUMmGbdcMiazxUc91Mz8fAznLtCyS10kqKlEosvbU=
@size 612
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_dropper.yml
@sha vc5tqjPupxduHrCwrMDDSbJjVXUW1QysyM4XfeSEMgg=
@size 1515
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_exchange_aspx_write.yml
@sha oNTBJSnEP21h7pjAGbeKGaioeB8UYyTMeJRgXPn2DJc=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_get_variable.yml
@sha 5CdaW6xnQLjl3/ApybI1qmk+4Xlj66XiwmlDLy8FFgc=
@size 1007
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_ntds_dit.yml
@sha hu/ItarLU9zKypKNzcf1u0GguAllbODn7JkD1n5NI4Q=
@size 740
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_pfx_file_creation.yml
@sha qtg83pwJu8kqXDnajZQhcvCs8EOkqjAsiQT8Avxhcxw=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_powershell_profile_create.yml
@sha R2mBCLm8i1TAyD3G9nryg1Dkl8Es/0qqjMSa4kMODno=
@size 795
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_procexplorer_driver_created_in_tmp_folder.yml
@sha ablDd02sWbi50ehlIiPzU+SDEywPOA2aLhLBXI63r5A=
@size 1233
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_system_interactive_powershell.yml
@sha 4J26IEjr/xA6g+2duI+NqN27sf3T4uMwQIgIp590XyQ=
@size 851
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_task_write.yml
@sha JNHDHcuqgwnxKkyWF0c5bBueXFG7zMOVwO3WjcEMRUo=
@size 722
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_teamviewer_remote_session.yml
@sha 6SIo3clQGgRgfWsJtpTpOPR1RVRriz8p9Ya53gY6DWc=
@size 764
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_susp_winword_startup.yml
@sha qm/WGMcSqGNZ1UJMyAfGoF26Wuuizs/K0t577Tcu4Kg=
@size 1082
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_tool_psexec.yml
@sha vfmVPGKze/OqVXMiAcx2Dlo6NT+rPAKQol0qYn8x0+4=
@size 861
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_tsclient_filewrite_startup.yml
@sha wgn6x7sPxbJVaqO7engdkFPZrEAJXyFqDApP2OVTUlE=
@size 585
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_consent_comctl32.yml
@sha OTop7Got7NWrDyRTWJmWxMKR18aTd6bqI81gU4wFZBI=
@size 664
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_dotnet_profiler.yml
@sha r8S+K+mrlJTbDnYHCKoIVmE7D11rh8mluara8ka/Nvg=
@size 670
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_eventvwr.yml
@sha PZzkaGepYwWiGqS6nvopGd8QatShFV9+E5uYKgqm9Vs=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_idiagnostic_profile.yml
@sha oSIfgKKUqtzciFiY5F8sOi/t5acVNJ9ffuhC4JSxBMU=
@size 769
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_ieinstal.yml
@sha 6En3E4hRNiRIoWD0rEqSYJeSXNS4siAKsLJ62kuFtdY=
@size 731
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_msconfig_gui.yml
@sha 9KneKuraRDorArJQ1i9m4Paee3YZw4RRvBik7V5Z/+c=
@size 655
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_ntfs_reparse_point.yml
@sha uCyUr7Hfp8f8To+oi+4eXc8aS4xgg4j9/MnCj7NVfK4=
@size 700
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_winsat.yml
@sha qpzCK6m2iQLWUduyl9m3E5XIAE67gt++k2lsrsZWQD0=
@size 742
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_uac_bypass_wmp.yml
@sha xsayaAHgOMtwQ4rEoPV2HgYsOZnkMg8yW17PA7LWtU0=
@size 812
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_webshell_creation_detect.yml
@sha SixXYOZyEnUzv/6pn+AJS46coHAXjrOVreMvMxetB+w=
@size 1394
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_werfault_dll_hijacking.yml
@sha l19K+1qLTpBM3KSqNdHTqa6l/AwOT3HgHbdCr1nmrNU=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_win_cscript_wscript_dropper.yml
@sha +j9Bbb5yZOB8O3eNCt8lHDQy75WlfQl1Nd2pABa8VeU=
@size 915
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_win_shell_write_susp_directory.yml
@sha bjIyb3ZNcZRE1KyeBEYYQCiJWNWuSmSK0zEjr5TWB4s=
@size 1447
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_winrm_awl_bypass.yml
@sha nT8HHQmhGlk8w8rSgtX1UzeI42TNsW7DPaEIVjTVgbg=
@size 1022
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_winword_cve_2021_40444.yml
@sha MpbIlHLvq7zTk4Fw9Lnp2PfK+xzKYjQBCtHtpjGY4A0=
@size 1170
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_wmi_persistence_script_event_consumer_write.yml
@sha P+2uv47d47O7MHHNO9CoCJPB9G+73oUQsvMLufgc8Aw=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_wmiprvse_wbemcomn_dll_hijack.yml
@sha qpXfpZUhXNP7gokDFcJxmLeYoPSu98OJ4KJy+fkllmY=
@size 827
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_word_template_creation.yml
@sha 6BbrNWC7QySkMhA9wh4U0XNGtTKHNMOoBkvFZ/SjjLA=
@size 1130
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_event/file_event_win_writing_local_admin_share.yml
@sha /J6Y9vP1Wz1gUlD6MoRBjvoU1/bZgLtJJEplhpvx5Mg=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/file_rename/
opensearch/opensearch-security-analytics/rules/windows/file_rename/file_rename_win_not_dll_to_dll.yml
@sha qFI+PBAL+5/j89FomKkUoB6BqolHQjxN4KDkRc/+qDo=
@size 1029
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_abusing_azure_browser_sso.yml
@sha YjTPxtbAv1Zp83Fj0ZQrjRL2PEXY9c29UAdf11WDXZs=
@size 1431
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_alternate_powershell_hosts_moduleload.yml
@sha JrDSvGcgRd0QZ9oRNO2iedzYhALGR7c9OV4RY0kLzDE=
@size 1082
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_foggyweb_nobelium.yml
@sha cQrGTY3aRofvrts1/EAymITWaFWLGWVXDdaoCcLIGiQ=
@size 609
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_in_memory_powershell.yml
@sha OkeTmQyByR/1IoRaVLLngdm6MXUKCdnjrMVURcWKEgo=
@size 2472
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_mimikatz_inmemory_detection.yml
@sha J7/f2F5CVBooSW42MNoseqnOpIzBk/3B3r4rVi8lcdQ=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_msdt_sdiageng.yml
@sha DdzPdiCiOs2Q7SCOsFqmUqbeq2CH3pu8dcVxN3uHXCA=
@size 671
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_pcre_net_load.yml
@sha 9M5C8n6bpLxmhGKdYV9RbYWEo1v8gfOCVqd53Guhfn0=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_pingback_backdoor.yml
@sha jQc9FheU4XMDtfxd/E7tseeTMlTs1igFFZXhYxEenFQ=
@size 742
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_scrcons_imageload_wmi_scripteventconsumer.yml
@sha Tfd7SHj53nSok0WLirQhKEuya2fkbgBcZ0Rlbgb7GEI=
@size 1051
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_silenttrinity_stage_use.yml
@sha +0zBi5oGNLt9rCvWrLq3KyGLi7tKqiLRrkg99mHIwCo=
@size 613
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_spoolsv_dll_load.yml
@sha je8KfHebpi/cGnTmtRHhvXeUiPzLCms1z/+SlrAsfgE=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_advapi32_dll.yml
@sha 17+zltdKkZ+TMrSLWbdrZws9bWjFAdXqMf1yullf+4g=
@size 964
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_dbghelp_dbgcore_load.yml
@sha J1QyzPA2s5trfJ8ACdlDEaJngkbhO6DUZo2Vq2a3lng=
@size 2541
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_fax_dll.yml
@sha TCNyDk3BZ2ajFMJW47vwAOpTt8z3PlOZAnypB7SlI+s=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_image_load.yml
@sha cm+yXNgsK1TS4nU0Lp3g2yKykcEz4MIXcUjcA/sGH/s=
@size 694
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_office_dotnet_assembly_dll_load.yml
@sha +9pF2kMuDTLw7NG+qXFrwg44oesF0SenjSMNwmMNjss=
@size 783
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_office_dotnet_clr_dll_load.yml
@sha g1Mz4llk91DDxlTlih8gD6LCwSBjSbyZXK81AlvXSvE=
@size 757
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_office_dotnet_gac_dll_load.yml
@sha j8jp+sDdgrrdOQTXRFgOYcr5R3ZAfs/xccP5asW6N10=
@size 797
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_office_dsparse_dll_load.yml
@sha uPy9sZHOXQ/G9og1kMBkNxSR+hJ6qWCIJQriA2PVkwg=
@size 786
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_office_kerberos_dll_load.yml
@sha ohh+0h6dj0RNt8yBB8kJDVkL+YbgWHBevYuIROtsIYk=
@size 789
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_python_image_load.yml
@sha WxrJE5b1jLhz/oICaG9XgipZxtozIC4q1CKz0nKNYN0=
@size 860
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_script_dotnet_clr_dll_load.yml
@sha R3XRjrXLcTC67FRgt/+dftXLAQm0PN74UYgkNcxI2sw=
@size 825
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_system_drawing_load.yml
@sha HH9tJR6Eu5xXq7fsAHUn56kNiIeWuo1eIT5SwGqtM9I=
@size 1462
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_vss_ps_load.yml
@sha sClEmBgfvfOvGyrdocJ7GjJCEcObHSd99Rw780nPW9w=
@size 1221
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_susp_winword_vbadll_load.yml
@sha D5eQO4QXmZpIZ4RwvmyF3oQJBb7YaU8QVwlD0ra+2v4=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_svchost_dll_search_order_hijack.yml
@sha 3BG8RF6tYB3/2Z7295Jrs0hprtvPxRwaYU5Bh4ZGnyo=
@size 1037
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_tttracer_mod_load.yml
@sha BgW+pCqjXN56e6M1IejLqZu0POkxq1XtjEAvv3S+dKg=
@size 979
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_uac_bypass_via_dism.yml
@sha mE435Oe6mdU2JwX+YYBaYfpldYD5iQFzxoAeApnUjek=
@size 800
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_uipromptforcreds_dlls.yml
@sha yvvhIbZVRyC55uPOdzmj8BkEd0M4vKS4uVjiW0gj1PM=
@size 1768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_unsigned_image_loaded_into_lsass.yml
@sha +Aw0QWwUJy98R9tuJDDTP3RXWAeNH53J+S4HIsePzlA=
@size 636
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_usp_svchost_clfsw32.yml
@sha mBiLzON50EQW8D8sV0wrGG6GGE1PZM3D+gfUdKRRhEU=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_wmi_module_load.yml
@sha 27DzvnKmmyg8nqPXuoL29gu9V6g/FVFSAFTHH6NdESI=
@size 2368
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_wmi_persistence_commandline_event_consumer.yml
@sha ATlwnu+vUmsK34C2Dfr3aHT+Mzg8aOqqDVoDXQXHzBA=
@size 622
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_wmic_remote_xsl_scripting_dlls.yml
@sha 6xW1kDjcO+CVFgIAXakxZNznQv8TTGg2wA3CnnYtUME=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_wmiprvse_wbemcomn_dll_hijack.yml
@sha J4wx84Hk3ISsSuOl5Auk0j/9uVZKVWSNaMwpFE3br+4=
@size 838
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/image_load/image_load_wsman_provider_image_load.yml
@sha l2ILljQLHtgzsWGi19glwZ5jHMIeDKSLEZqwExpk2Po=
@size 2386
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_susp_win_binary_no_cmdline.yml
@sha CTJh+1SyEz+7lkdkq1BuXPTJx0926MFI8sx1ABbJ0Cg=
@size 905
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_binary_github_com.yml
@sha HHwHynjQRkyY/0ejl5y1WUOIicsr+WhdhckBbqEveFo=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_binary_susp_com.yml
@sha Tj93ykoGW5Z+T67A3X9z8p+izZto8tVI9f4sZPwOmDw=
@size 1019
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_crypto_mining.yml
@sha u9V7P0Y8wklwEHQn+WE5NkKHxxYz56eZZUuVMRxSOG8=
@size 1281
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_dllhost_net_connections.yml
@sha 0NG6oAy9XqetPAdw4pkicc2BCROJeiqZHUigP6iwGao=
@size 1458
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_eqnedt.yml
@sha 6SkpJ3Pi+fdhvBbsmmNzxrqa6lsRqelxHiSwrQY1sQ4=
@size 633
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_excel_outbound_network_connection.yml
@sha P9FSz/fPSsWwEgLVC8L8Wpr5X1xp6jGshr+Al+EYNmQ=
@size 1807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_imewdbld.yml
@sha 6vEn5ibh52pwqkhN0eTuS4Alp68HSLRiKjcrwoMwb6g=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_malware_backconnect_ports.yml
@sha FpHqE5cEZ7krKUJqHPaydKmbJMyweMnk1LcWyel8L4g=
@size 2175
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_mega_nz.yml
@sha zh7jSrhnofK+O1IEKYBesMNcCDuN8qSAbxIn2v+T/+0=
@size 708
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_msiexec.yml
@sha QFdPmD348flzL8VjbMi1jw3TLRe1JVaLSXkw3oGQDho=
@size 861
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_notepad_network_connection.yml
@sha 7Tk8xpK3LgvgsnaD0jENJy8LSogz9vMo2HjVrY9C93w=
@size 750
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_powershell_network_connection.yml
@sha vd23m1Mx43/M4EEKmzS0e6hJZOQtxPYPAPVbSITBST4=
@size 1374
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_python.yml
@sha BeEPC6WKXns4t1dpafzSx9pcbkQeGap1Zi4lpxR5Nmk=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_rdp_reverse_tunnel.yml
@sha GMkB21VbY6bYouJ2wrOwp5DPf6iNHCKYHTVZ95h6Nh8=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_rdp_to_http.yml
@sha ckznJi6OLXv2oFt9Xr7LwOHZOAArCD0Ly/dQJ+aZvyA=
@size 881
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_regsvr32_network_activity.yml
@sha vu9bHhk5ANU3a10HGCBggjmvv+rdWuIeAKuUEyeGY+s=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_remote_powershell_session_network.yml
@sha 2iPPpkFFnu9i5GF99bLusW6AIZ9NtbfEBxeCM/lniDs=
@size 941
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_rundll32_net_connections.yml
@sha 9P+3OVdvPc6WUQcIvxPb87Tn2iglZ/iBhpx988cDfik=
@size 1354
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_silenttrinity_stager_msbuild_activity.yml
@sha JAjZnivRYXOTEbn+oXzbTu8m5ThOI1egzKjE78umbis=
@size 655
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_dropbox_api.yml
@sha 2ObzKCBf3QIaL3XHrGhSsJRnSqP31g3SpNRrS2+E9JA=
@size 823
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_outbound_kerberos_connection.yml
@sha W4HU7l2bfWMLz07ViKDFz4D98UzVO0M8+nNsCONfrMk=
@size 856
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_outbound_mobsync_connection.yml
@sha 8a5w7AqPk1eKizUVwo3sCDgEC2YWO9haxvvlg+cxEkQ=
@size 1184
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_outbound_smtp_connections.yml
@sha Q850M7E8XZ6Epjz+U6RGQ7GTgL/b9NsRZVNim4XPpFA=
@size 1142
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_prog_location_network_connection.yml
@sha k+0RdcWKasb+5g0jwWxZEXHmr9/kj/p6dWu9Qih76ak=
@size 1304
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_susp_rdp.yml
@sha CrwT7ke768ImXWHqvkghdsIM+gnZc5xcemdybEVCctg=
@size 1508
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/network_connection/net_connection_win_wuauclt_network_connection.yml
@sha CS2PbWsUmGlcy/Nsm1oOicZgY5+3DvE3kIStGkL6QOo=
@size 758
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_alternate_powershell_hosts_pipe.yml
@sha x7snq5BYRdjRab52dXHaPW8ypSiUNpdh7Lnh7t6VdSc=
@size 1568
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_apt_turla_namedpipes.yml
@sha njJaprrasyK4kkaoMajTR917Zhw9WuvLNLOpV8rYVbs=
@size 1605
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_cred_dump_tools_named_pipes.yml
@sha 1ljZ3RibfcMhaMgIQkqdY738GstcUej5WPfh3oxEewc=
@size 1332
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_efspotato_namedpipe.yml
@sha EXv0Wjz4wqXq7EGg2xZlkLebDb6jhqB6rm5J+jvmasU=
@size 1361
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_mal_cobaltstrike.yml
@sha Jvru64e5nP3JyFPe+FpWle02d1dbh3M3lFMasPbnUUw=
@size 1715
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_mal_cobaltstrike_re.yml
@sha OA60NsQxavihhAeN6NTrqVabEnRUpuPFEyMdSMvEb+I=
@size 2431
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_mal_namedpipes.yml
@sha OlOFqyzND8PmBaTVOrJloOwj7x9pLT6s+1A4fK8p97o=
@size 3539
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_powershell_execution_pipe.yml
@sha R3SiLP3JzjHryS47wC4EUfoYtqV8Veh7D5YLJYN7qVI=
@size 575
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_psexec_pipes_artifacts.yml
@sha S8Bh9jAb7itctcstE1vfhYoXGKBOdAbzmg4IDj1X/WU=
@size 1188
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_susp_adfs_namedpipe_connection.yml
@sha 85upX2l5I0WNjxDEG9E9Ih9tSyU9RiflK07+FlH1El0=
@size 1291
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_susp_cobaltstrike_pipe_patterns.yml
@sha 54UtjZEHLWpUnypPPihcvLJiU7IVz80w49DMHcovqwQ=
@size 2522
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_susp_wmi_consumer_namedpipe.yml
@sha Hst4/DeSi9JEkYb6nlAWHgT76+f1nqZsJO1RdKSyQpE=
@size 1092
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/pipe_created/pipe_created_tool_psexec.yml
@sha HVw5qzb+AziXg0VBH+zbUpTPSkQB99O2uOzbKd7ODNU=
@size 1401
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_alternate_powershell_hosts.yml
@sha vzjvlp+YAkJ9IsuMYF8luZzw9is1kZyD6AT600b/HaE=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_delete_volume_shadow_copies.yml
@sha 8lq1H8GW4fTLKzxwG3V6957uWJ743mXhjRQ6Tl+bnLU=
@size 1197
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_downgrade_attack.yml
@sha qc328iOObUvymS09Z3N7UnUTilfAa33feMZkyFzEfjw=
@size 842
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_exe_calling_ps.yml
@sha fzfuP4l6aZa4ZgsCEiQ8ZvATg/NADJtV5rt0VO7VwTs=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_powercat.yml
@sha Eph7T6ruKhbnWiJ7TH1ARCcXrX7Hi0rXJovtz+hT5No=
@size 913
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_remote_powershell_session.yml
@sha aFziXMBl9vR4CXwPw1OfRsWbhRF0RukH702y1H1jmMc=
@size 842
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_renamed_powershell.yml
@sha tbIrpM6JgkIF/OOyJ+sILICND0HZWHlSu9wrCjVRW1A=
@size 751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_susp_athremotefxvgpudisablementcommand.yml
@sha xamjZLbBL9LxGVx5wJGyGBDk0U4lADR89TIjC3MdkJ0=
@size 1311
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_susp_download.yml
@sha jY+n57bEIgsH+W9BCTihWZKlXjFXxz2KoQJ9trSuVFU=
@size 867
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_susp_get_nettcpconnection.yml
@sha cixxOdrzVFg/+SrgSzfKceIph0zSFHQN5o6HpchbxQg=
@size 817
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_susp_zip_compress.yml
@sha WdRcwxFgyaQAHyiOxOYe5VmvIdct1OsAvbvg8xA3DYc=
@size 905
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_tamper_with_windows_defender.yml
@sha JQKix6o/8BA72xCqBSWeV7dSAnc+84JPwIWRsqR+y3w=
@size 946
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_wsman_com_provider_no_powershell.yml
@sha +zlsc18aNqXn3JKYBofvYob+uBiwan+Pl9gxm3PC5ZU=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_classic/posh_pc_xor_commandline.yml
@sha tg5h7BaKYLV2+9vdAx5+SDJk7wEZ2HC0Hs2Ozb5u2kM=
@size 711
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_alternate_powershell_hosts.yml
@sha nWo9KXreaCZ3oNFpCzvFKyIqb8jtuE5ZujgdaGqsSnU=
@size 1270
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_bad_opsec_artifacts.yml
@sha TJDwGEXBKuS3UmyHchuEvMlNlmSxYdAUpPW+t2p7NDg=
@size 1428
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_clear_powershell_history.yml
@sha gm4zf0AdlJA7qQ1L1Fdccxo/eR8nk4FeOdX7J9yK8q8=
@size 1353
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_decompress_commands.yml
@sha Qf03yzUHec2CGLYiS9rjxdHYD34k8Ukmf36kAzfu6k4=
@size 926
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_get_addbaccount.yml
@sha RZJU9rnbAcBaFWRfhIKObG4yUFKySqt2gcoTllVWEa8=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_get_clipboard.yml
@sha 7m57abZZpBtIAmFdbX4H0avRamgxorHnW140KGzkZ5Q=
@size 839
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_clip.yml
@sha MVbPc+706Lx0z7IkMnf6mp7dr1lzDeKuJMI8VFc7EEg=
@size 825
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_obfuscated_iex.yml
@sha d2L8i/RW+dJ7JfVE/Z8n/wQDcXPpFPJ/v14dxuHIU1Q=
@size 1331
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_stdin.yml
@sha G+q6wGcJAxVohx3v2Y05K2iWjEwnNjj4hSa0VjCvg2g=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_var.yml
@sha fPJGvgQ2tGXqJtJFsToap1FS39TPGDiUDivaotzyxA8=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_compress.yml
@sha Saaq+Ht5xxVQ3pyECKluUv4dCWdTxRMsUo6iQF7+QdQ=
@size 977
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_rundll.yml
@sha hrhd2AZbJP9p3gf0uiXfie0Op4R8s1DzpTYILGvPw4I=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_stdin.yml
@sha D+/H8xNdw/LdEsPffZwsZXGM7nIDTvboR6ZZEpHN+n0=
@size 779
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_clip.yml
@sha q7MBMFZQx942KtlTJqoBWNJLqvi+AP8JSOHSJ4EqetI=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_mhsta.yml
@sha +w+IhFspNPvmuZPxSG2IaVwG+2Cwb4nJXSlqQ57M2Ig=
@size 895
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_rundll32.yml
@sha 2o/uRxZDyaEfEaA6uBZqp5E9gz5na1LH1tHBJLb+WKg=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_var.yml
@sha h3ItV6Xuv/vpZe6/q1wdHu2oitFtV4tz8agKJY4ja7k=
@size 814
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_powercat.yml
@sha YaNtLYr/dHjGbJsNM04YxoeYIlgMhzpw+UDeeopziSc=
@size 833
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_remote_powershell_session.yml
@sha AzWicpebXT1G8oomrlCbIB7yBzjrzb6ThRcubk2ocT4=
@size 1124
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_ad_group_reco.yml
@sha Y4cmIEqb6Og3+tRfwH91UtkjusnQ1xCM9d2ByrLHLPw=
@size 1262
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_athremotefxvgpudisablementcommand.yml
@sha Vl4Ag1u7fyHdZraeM/dkfOn/yA2vLfMeHwg1QDei/lo=
@size 1225
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_download.yml
@sha liOJ2OxfhjHFWVDq9pjGZqAMTX361IwehKW1M8qh+/w=
@size 723
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_get_nettcpconnection.yml
@sha 2hSIHrH9yeZI+iWHgqmqw+vre+BcKmaHDALVQvI+niU=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_invocation_generic.yml
@sha UApFe7SyO3vCBpe08VZAHGP+cuhmvo9reYkS6nnRrRE=
@size 934
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_invocation_specific.yml
@sha MISZ7VcQL7qUCBgaD56OKveEMnyfPR7LK1va0mDCDPs=
@size 1983
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_local_group_reco.yml
@sha Suc5wRa7tAkK6U47MTCxBmi/RW09oCzG8Dl4qeNDx+o=
@size 1255
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_reset_computermachinepassword.yml
@sha +tQTmZH6l19lRrrU/v2DkfH4B/l/gETAr4CBfdY5mio=
@size 922
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_smb_share_reco.yml
@sha ENXlgJleALGqF8h9v6XO8DbmueOae+ZeUjMiFZa+zHY=
@size 937
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_susp_zip_compress.yml
@sha T9MBapAa9xlbfhsZmC7sFpjRddTUGI6YiOC64YyCakM=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_module/posh_pm_syncappvpublishingserver_exe.yml
@sha nxkZUwMxVA3NePyeFCNmlc3Hmbr2E1yfL+qHUANAs+Y=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_access_to_browser_login_data.yml
@sha B3hTORO0yMaMMEC6SnONEPfk3FzwqKBeguZZj+ynICs=
@size 1381
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_accessing_win_api.yml
@sha Q+QTFT1/tksMXWnFNcZtVOrSCUoAxV5N1Ug9UKH2vNU=
@size 2467
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_adrecon_execution.yml
@sha UdypCxWci93a+btaa2JhVXzMD7y+UA4I5WCmhobvzTs=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_as_rep_roasting.yml
@sha /QTDenehqaB7dgfg4dJPx71G2wer5nXrTOHngws5uxo=
@size 1086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_automated_collection.yml
@sha w40YO5DtjtU48l50DwmzxZJ7Bm6DXqx0qoOplW3EJjU=
@size 1026
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_azurehound_commands.yml
@sha kB5MCihha2CJpa0yuZO+S79xtGKunnZP1qqDjW3Bur8=
@size 901
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_capture_screenshots.yml
@sha 6menZ9uUfAuBq4bDqIYrtNwhrUg/gPbROWax8xq0JZg=
@size 802
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cl_invocation_lolscript.yml
@sha RX6WAxzfSGHTnEWS7kdhiUdjo6w4xMNweJsprHqozTY=
@size 769
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cl_invocation_lolscript_count.yml
@sha lgFLz7Cq6D5QrQnF++wLmQuzVCI9cjopYLb4KQjDSzQ=
@size 892
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cl_mutexverifiers_lolscript.yml
@sha akLhWZ8RQcLDJi4W/g4mwKH/O+en/SDr9KksoIFhrsQ=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cl_mutexverifiers_lolscript_count.yml
@sha B30gnHYg0CqLUJiSTbfw+V42xI2FuK3en8+OaGmduD4=
@size 948
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_clear_powershell_history.yml
@sha iGuVa0BO5/bCo6Vd2bDMLFCSIlf1tePkpyHZivtDA44=
@size 1337
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_clearing_windows_console_history.yml
@sha wTGCYzxrTGc/TWne5bueIAzHteSy+3PDuKjgYUJ9U44=
@size 1146
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cmdlet_scheduled_task.yml
@sha Z8sn5Bx9FVQUnPxm1AHcyBxBGboj9svUHuGnoKlGFiA=
@size 1308
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_copy_item_system32.yml
@sha u/ZUaSnI0XeW3EJZ9Ad1Q5oN9OPgHaGefSY9U2Yfxzw=
@size 698
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_cor_profiler.yml
@sha wyLbGb3A7QoSdoJojqs64mbxT3v0Z/OoFEvs22/yrP0=
@size 1240
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_create_local_user.yml
@sha 9EjOCfsilvDuRs4wrWF7Lp+XVdZvqgEgKMqkDGlW6D8=
@size 691
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_create_volume_shadow_copy.yml
@sha MpsFQpOXT+AKCZ8gj6lkkGOkNikHUq7riWmtROfP0g8=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_data_compressed.yml
@sha nlJu93/y027xGPLoD5EFV1mshnQAgG5TgYgLjaALhLs=
@size 894
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_detect_vm_env.yml
@sha 6S+7h6K3WDe0ufL5cYZbbSi9rk3jZ0twzH8WmQfH/Nw=
@size 1145
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_directorysearcher.yml
@sha /iQ1n0qcuw1K9mc3snqQfll8Ep4bfWUOJWMLFLgr7m0=
@size 879
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_directoryservices_accountmanagement.yml
@sha wRndZmC1fc7vy3WxMB0kIH74gWOuUYJzx+LIW6+df0Y=
@size 1036
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_dnscat_execution.yml
@sha +JiD/OngBmbPjBrLBuqW9/rozlJbbmpJF3oMNFzk7FU=
@size 637
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_dump_password_windows_credential_manager.yml
@sha 4kDhq+TpPKja4gQLqCQqFbUCCxs6ISSVJ+jHdhctqik=
@size 1379
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_enable_psremoting.yml
@sha tCMZz4cJksHqSp9nw22j8/bh6GIB9+wEcs9JAqXm0Jk=
@size 941
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_enumerate_password_windows_credential_manager.yml
@sha LZw8rWBaOlhL308xBNgCBkHlXVpo8mE5aa+7cEFZg2Q=
@size 993
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_etw_trace_evasion.yml
@sha FfDl7oXOh22cKaxz6pwM3bNC23hldKpBuAExGWpWG88=
@size 1010
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_file_and_directory_discovery.yml
@sha XivPVAJqkKAWinoTymqRlRpOor0MGLJve0/UmYKbUp8=
@size 1054
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_get_acl_service.yml
@sha VrWqhSwpy4kpyGQUswQc4Ml7SHg7Ui38dRISZuqONN0=
@size 1207
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_get_adreplaccount.yml
@sha H68SEs3+q6QGT4FZPU4RaEwX4gWE8oYQPSi07XB0R/w=
@size 1044
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_get_childitem_bookmarks.yml
@sha rbnuX2k/wTAhFnSu/xh5n9Eui92jYy2RIQ5dxXqBriU=
@size 1082
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_hotfix_enum.yml
@sha cphBNx8kfAyIdTRmgq+5apnfG+oaSF4IG1g+310le+s=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_icmp_exfiltration.yml
@sha nXaOa1kKi3LTMfEYUz6AN1skSy3zNRpvw/zWpYg/wgc=
@size 1014
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_command_remote.yml
@sha 3GfCsBF5cAfAxNCHV4cPWuAY0B85IJS+XLeUMUsZW14=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_dnsexfiltration.yml
@sha gqtr/NBcWUlQhZ+iMQeNjwFz7SN0QXyHQj8s5ABSYlM=
@size 902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_nightmare.yml
@sha gJRAOzMHi/qHDcbwSjJhjY8n7+xi9r431xR2DAXlzDU=
@size 616
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_clip.yml
@sha CHyv1+kQxGf2vhWny2ReOWJYpHO9eFtl+qVqz4jUPCg=
@size 752
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_obfuscated_iex.yml
@sha Wk3DZPSUyqSxldUxCfPQVWPtZBeXjKH6cekrcpC71V4=
@size 1236
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_stdin.yml
@sha yAMaYk1g3BbrOTnXhP0zmpssE/PAtMaJDaqIkK6Av3w=
@size 731
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_var.yml
@sha Q7xL0eQwJ46myxQFxqRMg/h1PwMVi+Gh0/0UFZi0tAE=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_compress.yml
@sha py3JsGB9cixqx2q60eO2fIvCFXXrOXevOPTKDWNAKjU=
@size 920
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_rundll.yml
@sha Pq85Zjuus6nz7CmXu3oTJ8pdkQhEznUT+1nGK4HJ1QM=
@size 791
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_stdin.yml
@sha TPHsPeeyIUf2t3o1otAseL9RhW2A0xwy4XNNSGHTu0Q=
@size 706
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_clip.yml
@sha bkCAw0dlU5vKoffKWh6q7dgzjYzLtARbhLLjpsKJMzc=
@size 721
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_mhsta.yml
@sha 7+2MdkgDDnq80xOaINBLMmDBkpQMMFxerdH7q+dKxdQ=
@size 821
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_use_rundll32.yml
@sha QEJFgvtCqb6Od5dSqvxrBVxRfrKCYNnhpfMXTd1JFro=
@size 894
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_invoke_obfuscation_via_var.yml
@sha y11US+M/srmRLpzwVLXe/hAUepEJf30sMDPNRoJFY2U=
@size 740
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_keylogging.yml
@sha lXBGvZnu/BIzknSUepoeK+JMS+O68DvrnFMsk4/kv8Y=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_localuser.yml
@sha Cj2Dj7vcC5zi71NUMMlyVrAnSHIbiUzfkYvIo/Hs3lw=
@size 1120
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_malicious_commandlets.yml
@sha +h8dQGZ7y3Gg4a9zXeH8pM8xT58vunyMkt9JowpPtI4=
@size 7374
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_malicious_keywords.yml
@sha dV7pxMR8pXmAqkHTvkbhQbpkFpRSl2S+1BOISJrHG9A=
@size 1389
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_memorydump_getstoragediagnosticinfo.yml
@sha 5VQEUPNKCAvnAuwxhsfMgv+WPXKcedEOSTNfBTR7wJI=
@size 704
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_msxml_com.yml
@sha W3nTlgc2r/IEKW5aq8bQEYUVkpoXEWUAP56bxF5mpJs=
@size 1271
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_nishang_malicious_commandlets.yml
@sha YNm2KpLoyO44iVkpDAWvycjZpXauoB84+40XZvuyo3g=
@size 2707
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_ntfs_ads_access.yml
@sha diqEmXN7vWKt0XhhOYm/uNSLTVcEC7e92g+9O8r0k9g=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_office_comobject_registerxll.yml
@sha XLW3v1uBbR8Sqv4TUoi0+0Cd44PxHxnD7mVRrRX+sZU=
@size 787
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_powerview_malicious_commandlets.yml
@sha lZnkva6ZeonxY5m5Co37sMSMFp8Cckb6qrzUhY+33aE=
@size 4364
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_prompt_credentials.yml
@sha eSOgar9U66d6Z9N/WDRPO9bPR63ClAsRF/fChLf0h5Y=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_psattack.yml
@sha +otF+LqTRkgAApeJ++0aXFZhys03LTvZ8PonW0EHx6c=
@size 592
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_remote_session_creation.yml
@sha XHKQqICTSOWb4RmeAUiIOuF9NcrhJ6d9GpezOSAnmVg=
@size 947
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_remove_item_path.yml
@sha SwKj5soTucPQdNXQtCSj+gcEKTh0IetMHbrCSg8IVOU=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_request_kerberos_ticket.yml
@sha UYSSFVDsFQUS3oMvkqZM74dMpA0BdvfB6V8B7tfwDXM=
@size 902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_root_certificate_installed.yml
@sha bw53s72uDgrL9d81/p7RcraxOc4AQ13lAC/6ETdCGhM=
@size 1067
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_run_from_mount_diskimage.yml
@sha JQbZoEJpU4zIVYpoUySCuAq+1d91RL1pyu48mydbnRA=
@size 1075
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_security_software_discovery.yml
@sha aTu8PXU97qGBFeQyhhltB/aE7qBii50EArEXzHIgd4o=
@size 1050
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_send_mailmessage.yml
@sha J98t22LU6V3elGGWcN+WKv4i22JWOUjISWukkmXQccM=
@size 1074
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_set_policies_to_unsecure_level.yml
@sha lFb/wtG8n/U72Jny1phX0HGIg7QUPRNAWJKBhvs1m28=
@size 1315
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_shellcode_b64.yml
@sha WXMpVFXp6D8ZCqWhUkdrHw+FKbcNVS6vaFs+BCcbcfI=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_shellintel_malicious_commandlets.yml
@sha x9QTAxsqpM4KYAdZTNQH/8MBhs0pAyKpfLRRYiUpLkA=
@size 706
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_software_discovery.yml
@sha zuQCGAj0QX4i3REM9zL64hDvtEVY4it9+cS/NXnxYIg=
@size 1181
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_store_file_in_alternate_data_stream.yml
@sha K1/KRBadobDNBK3eUbYLsXhAhcQq0r5nI6nMmr86pT4=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_ad_group_reco.yml
@sha EuLqAczZRS/APFZGBarClAZcNN5D4a2f2nzEjS6b6vE=
@size 1060
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_directory_enum.yml
@sha koQ3AW7/uV7lmFHkiy54L7WqXEIW0kw8y+zWI0XTeHM=
@size 942
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_download.yml
@sha Y5aaLi2QcRvC3d69MBWHiHIzJ7t5P+Ky974C6ryhp7Q=
@size 731
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_execute_batch_script.yml
@sha eif3q/wsSMxMAL9n+0URyB2VCyrdJWfwvVbv36FTxdk=
@size 1340
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_export_pfxcertificate.yml
@sha xFzAF8SigLQeyyi3cwzLpNJN5ThvAZzGFUqhkC7aECU=
@size 945
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_extracting.yml
@sha +oYe/fEobFWW1iQf/lfbI5GB8x2XMG3+osLf8D4AUzE=
@size 1030
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_follina_execution.yml
@sha LiF56nYnRoynWifxArvOmiQTc2c3eNTGszgqmktQ7gE=
@size 958
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_adcomputer.yml
@sha CfguVvZpzAIM3RLQ35C5Q8qWmdAFZW5OXLjLjQ6DL0s=
@size 698
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_addefaultdomainpasswordpolicy.yml
@sha Hiz6z76R3vvRPQBSyS7ZGxOrtxsO+js29ZCWtQxlgng=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_adgroup.yml
@sha L8sIZMO/VhftDUTOqQ1xtWiGpt8LdI+IggoD3IMG9sQ=
@size 700
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_current_user.yml
@sha yqsmfvnnL9IZ8nfdEhBct4BUhrDSn5xOMWN3r/XCLGE=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_gpo.yml
@sha MYzUDhdZm5kkKm7tjYlrfPnurkB68s/DUl0oexsAtvA=
@size 736
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_get_process.yml
@sha 7gHkWo24wvhSvnD44Ywzbs0D3jcuYScat09cK3dAak4=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_getprocess_lsass.yml
@sha d/KX2y2I64pWJ5akHmVsvydNt97gkWCVgTW7VRvZ6fI=
@size 809
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_gettypefromclsid.yml
@sha rH5TL7FmUh1l8SCeZHdWON1UR5ZGEuEHWDmxamwozWA=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_gwmi.yml
@sha prKO7NbOZalm+2B7Mhpy70sywKLgks2aUCoq59WeYQI=
@size 848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_hyper_v_condlet.yml
@sha qeyVHMQqH5LPd82vGqIOTdu0HQZvfPGHFLgMio04KVo=
@size 890
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_invocation_generic.yml
@sha RGzBYpiPh21NyISMEVbp1GBLJrzOoHcY04W7zhqUCJw=
@size 946
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_invocation_specific.yml
@sha 7ze9cInpnVsat3eEEdHU9ApOFnpc7cqbHJayJccum+o=
@size 2133
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_invoke_webrequest_useragent.yml
@sha UpPivoZqw9mov+76bOPQB0+/xkgJpnRK9W7QRE8uy4c=
@size 967
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_iofilestream.yml
@sha MsDHsWrOzdJ6CblwAa/M+kKUwDwSwyj2MqlKvH1/Tfc=
@size 803
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_keywords.yml
@sha 0IZX21E0uDvJYZjX5jz3ty8s9rqD9682VkmK3JL8br0=
@size 1406
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_local_group_reco.yml
@sha djfu6v9EvHexz+EDF0JSLupwK8DtsniLNDvD5kBHaSo=
@size 1058
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_mail_acces.yml
@sha ktvVkCB9w+rc9M6IKxRXWKfrQkz7hnO0E7Wj7R+Ub8s=
@size 961
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_mount_diskimage.yml
@sha CRYemcrnOQAvhCNQ1JR/IE3wx8OL2Tsw5QKTO4J/pK8=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_mounted_share_deletion.yml
@sha dDkcg6KFfTuz0OoUk1AdfgoGIECt1t1eV75J2Fn7b9U=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_networkcredential.yml
@sha AKUnysGWSNdsyY/qPNKQ3Q2GmIQziixp5QGH9RSGmgM=
@size 1126
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_new_psdrive.yml
@sha gZmhRmsupkONu7xoW0NSWndPOXmAL86SukjvnaZS8Xw=
@size 974
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_recon_export.yml
@sha i9Nw3CsHcppdLprYwvLswhg70UBUr58ApDxbtgp0GOg=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_remove_adgroupmember.yml
@sha uCkpjP+Kd4rjLyoPomLDjNWTZ3vilim5uFDYCgUWpKk=
@size 931
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_smb_share_reco.yml
@sha zKk9oubyoODFkNJwGCgGKxDdgko8W2bu+FQ78xDbIlE=
@size 885
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_ssl_keyword.yml
@sha ve480QXvgdz8EemLikMT1IFwvqBP2ZrmqRZmKIAFFPQ=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_start_process.yml
@sha 3an6Lk3WaoXqm7/VlM/1C/jK/p8gxA1EpkXelMsc5+M=
@size 869
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_unblock_file.yml
@sha IZ458tI5WEtvVKqN93ZSes48iUQTUsrRToai6ATqQJQ=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_wallpaper.yml
@sha ll4z40gV0ZUQpg9rYYtnoLCDW6/Qt7RbHju4ANTdcfE=
@size 1038
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_win32_pnpentity.yml
@sha p4kbSnLYDDn8T8/r1vB+dgsYFIvEt70CQ02fDKF8cNE=
@size 716
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_win32_shadowcopy.yml
@sha pT2K5XAVgQbO1oOuCe6Ol/6R2mjWmg9AkcJtuskzB3Q=
@size 869
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_windowstyle.yml
@sha vyxUHnRDfnXE+uWVvern/in7YlXbFTvd6xtP8b755ek=
@size 802
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_susp_zip_compress.yml
@sha 2WGTA2zd97o6BjU0f4tebBZq3GU0mH/zHB8/Pwnvd/o=
@size 831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_syncappvpublishingserver_exe.yml
@sha DVNfkCjoKBg/5tRtpWVOYP7eTBL0hzM8j1zWwsqlZsI=
@size 884
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_tamper_defender.yml
@sha eFCmeTwaGA6GgIVveC2EhOnyJRsI1D+TjlgQyg6pjeE=
@size 2403
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_test_netconnection.yml
@sha vipnIZZWZYdA8LhDT5QGNncevty3dikNJ5QEcZYB7Cw=
@size 1158
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_timestomp.yml
@sha Ok86lQiqTfWcKzjUusoWdfiNmBjW13NFm1m6s4kHhG4=
@size 1151
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_trigger_profiles.yml
@sha IiPXsG1y7ER4Q1PwiAjEM0I1bbSmzZZf9X1Z7P4Du1o=
@size 900
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_upload.yml
@sha PDJBuXQPYObPrn+bEgUbt/xOoj24uBzfJTezfN7IS2c=
@size 1053
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_web_request.yml
@sha 2NVrT+tmhL9b9JS+kVzfQNqFtXTiscfY4FHUIWI5F3E=
@size 1089
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_win32_product_install_msi.yml
@sha SgRdO5YxcoFcVLtNYXniiKHtUVYuRn46VIcUnbT+PZo=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_windows_firewall_profile_disabled.yml
@sha vO8u5ahx9JdYEvT8hcCYtFtQZCfoim8+naGWz5flo6o=
@size 992
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_winlogon_helper_dll.yml
@sha X9P76Oc6srfFZsjBNb3ApYiaDTEulDgnWWqouI8Psu8=
@size 1251
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_wmi_persistence.yml
@sha Ngb9c6R05Hb07RdTCR51zrp2DqGb0lGwukd0T7P0IUo=
@size 1263
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_wmimplant.yml
@sha D+yp0fiZsjuyaW0ZQGuzEsRW5oGm4gSQaIU+upL4M/g=
@size 1105
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/powershell/powershell_script/posh_ps_xml_iex.yml
@sha ZLVXhHNM3r38fJeGEDI34GAqbUj6xi9W1cP+wRxB/BY=
@size 1076
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_cmstp_execution_by_access.yml
@sha JLp40nQw9MUHBcgv4gSLNUiSaKx27DuOmo29hS6BSPA=
@size 925
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_cobaltstrike_bof_injection_pattern.yml
@sha YVw9Nf8RKdGXiOGRnZKINRYM6Xo3hVnzX0tgkhePTcI=
@size 829
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_cred_dump_lsass_access.yml
@sha ttZfaMdoK+LVtJbF5u/CdCQoD0tAaYQ20JA3Lg1n7Pw=
@size 4933
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_direct_syscall_ntopenprocess.yml
@sha hkcC/EvWFjlt9HtQrrHf7tnSsUEBoxK9fVhG9n+OuhY=
@size 1577
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_handlekatz_lsass_access.yml
@sha WBiOElqkuvJ0jH6jzlpco7meJdtR3eVuCacpMk1Uiec=
@size 1066
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_in_memory_assembly_execution.yml
@sha S9T8vw/urf3c6nTneIjlu8xq97FkPz3PKOYs1mb8gcQ=
@size 4495
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_invoke_phantom.yml
@sha 2QXwiNH2a31BjrR/Yy8c/WpCCAkiPLnbRtIunToe0wk=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lazagne_cred_dump_lsass_access.yml
@sha Gp1uf2oS6qDc1AKIHSA8AVE1Fu0jo+kCNTRkVXZXL2I=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_littlecorporal_generated_maldoc.yml
@sha 6yCuSG1sszV34ITiB5bZLbg4ih5LIJFklSq0dfLqrAs=
@size 707
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_load_undocumented_autoelevated_com_interface.yml
@sha 5vPb3a2S2AOlNU1qXjgKE/BAJjE6CEXRegUMTex08FE=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lsass_dump_comsvcs_dll.yml
@sha t9Zqi3TwyusFZVEvVddEZwlVINZm4ZYnwn8lAlPRAck=
@size 874
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lsass_memdump.yml
@sha pR00Wmr47dDJqr7KpBqIIqqn4akFqNZu2AQGDQpsLfg=
@size 1829
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lsass_memdump_evasion.yml
@sha zVM1f5q4H+TGgWXqztXRb17HLceU89NTfLg/FV87t/s=
@size 1727
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lsass_memdump_indicators.yml
@sha ErRkNghP2UgusSE9w0XA6mZ7BDC1WGgmEyghs1T/eJI=
@size 1453
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_lsass_werfault.yml
@sha pYugSzDF7dsgOx2xPsj6x/A/4UX6EBWjOOzTjFCEybY=
@size 922
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_malware_verclsid_shellcode.yml
@sha CFtLDd8q9Rn7VejsJWgjflYPv4LbdLcAgV9D6K3dCkg=
@size 1195
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_mimikatz_trough_winrm.yml
@sha 13B3rzkcVRPZENPLiuwUXnHtcVUvOjZRR6s38ubbAwc=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_pypykatz_cred_dump_lsass_access.yml
@sha zaoH5QvkEoeZOXI6MXZrf4AIuy/KKCe22Al7C4iU5ko=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_rare_proc_access_lsass.yml
@sha m7bICE6ng4DXKdBtC1nhVtJHwoz09eR5z8wBmZt7KtI=
@size 3793
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_susp_proc_access_lsass.yml
@sha gxx/0FcmZhRP1xRQ/opHm8uYNVAwsN3pBLCuIcvjyWc=
@size 3954
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_susp_proc_access_lsass_susp_source.yml
@sha lLUngHOG4vdccaj8Z1IE6nYFOFIebi+0xCW4P69VWH4=
@size 2766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_svchost_cred_dump.yml
@sha KDEt5ikFHHnY5EbTFxWxXtFlRi9i7NYnFNtJ7RWu4Ow=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/proc_access_win_uac_bypass_wow64_logger.yml
@sha Dd/OsYuevyJFRuKcByskyRPHt9PDyPJ+14iWHFcE72s=
@size 712
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/process_access_win_shellcode_inject_msf_empire.yml
@sha kVNvppFa5CMMNJgeriArM/G3KcZIrct+y8vjvjAWNYo=
@size 630
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_access/process_access_win_susp_seclogon.yml
@sha /l/iyrmZwUy1u5u0Lyceas+8ua3BmJ8rUuU+bbHGjl8=
@size 995
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_7zip_cve_2022_29072.yml
@sha DhL7h51qxy/dL8ggzQPDBYs/Ewk0y8cvo7J5LfSL5Ls=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_abusing_debug_privilege.yml
@sha crBpgJXATIn4WYCsdjZ+W8nwznASp8Pl12eM++Eqp9c=
@size 1279
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_abusing_windows_telemetry_for_persistence.yml
@sha o0dto4cYsB6Adlp2Dalk2TfTotcoVdoJiZVdB8acMqw=
@size 1089
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_accesschk_usage_after_priv_escalation.yml
@sha 07pfYPPI1xyKu474fNKTejGLyfZzjhhbmjrJ1wgd7QA=
@size 1447
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_ad_find_discovery.yml
@sha p1F3EjEThOhoH0ItMlBQtUvbOfEKAFxfbgc6HeAj8P4=
@size 1383
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_advanced_ip_scanner.yml
@sha V+0/UtE7qZd3YhR4pIWBRRGF/2gCrYioeivKhI8Aln8=
@size 1273
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_advanced_port_scanner.yml
@sha VLutItEjc9ugivBMiUzyCAGPbSPr8CYiOLteIbnEBbk=
@size 756
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_alternate_data_streams.yml
@sha 2yeXizkYBpZs17Oy3pyu4senx1ul1Mq05dHmI31WHVM=
@size 1232
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_always_install_elevated_msi_spawned_cmd_powershell.yml
@sha A+IKVHdSjhG2uF4xiaJ6jF95K2rRkr7Ki+vKccr+tXk=
@size 937
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_always_install_elevated_windows_installer.yml
@sha 91P1GdLm+ClhwxenPis2bwFHB7mjonJ5c24Qejw2YeQ=
@size 1480
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_anydesk.yml
@sha TxxkatoAKMP/Q7RqcShXIthsxKpIPGPYPqOoHkggLEc=
@size 1198
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_anydesk_silent_install.yml
@sha SWBY24vnTIazK0nRw7OMO8vDSg8ekuGoCCXdOkWH4MA=
@size 779
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_anydesk_susp_folder.yml
@sha y6n2zMVIlJm1Ak1bJ15QY2xwtQePNfhu4yRLqWwk030=
@size 1465
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_actinium_persistence.yml
@sha fOCd2VHqrGSyDdE8kKIK9VQyBkAkE6GkfR6LOvlLlm0=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_apt29_thinktanks.yml
@sha 41QRaDlybKfOvVcJPubJCOKBPi/yqpLRvZDqwBbwn60=
@size 870
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_babyshark.yml
@sha Xq7dRuU2MUvCwYKzAVsl3A4zI6sVfriOWMIfF9TbYE0=
@size 816
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_bear_activity_gtr19.yml
@sha NZ25oV9WEo7Z8p8Z77GDaexgx3ddnU+H2mtNc7orexw=
@size 875
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_bluemashroom.yml
@sha u4ck8LgsSbivbrgZE5mzsqnOOyztYXYP15Nr0ZUZ2Jg=
@size 1082
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_chafer_mar18.yml
@sha nJNdDcRFKY1MStowPIwK2R5bN1FhbiNTHG295A7WAYo=
@size 1359
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_cloudhopper.yml
@sha S7MXu/6cDVGtSRPqE2s69Th3ub1j05bfpDTRihoeuEg=
@size 652
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_dragonfly.yml
@sha rDNnb7vv0GlfeMWa2IZuDzTgem0uxg7PaFswfnJyarI=
@size 683
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_elise.yml
@sha 6iLiLGmOcX0kI+HcxsUtGTIrX58oHYmgF+Jn4I3SJjY=
@size 784
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_emissarypanda_sep19.yml
@sha MqQOGdyOLL98ngtSCsY+kPzxU/WWNA4/85yWA+rmdXI=
@size 685
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_empiremonkey.yml
@sha YY9+Zz/gYTGeHuyWs6W9RcvgQAQI/GEKWhtGt0/f22M=
@size 714
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_equationgroup_dll_u_load.yml
@sha /IxDLYRxLcc5g4NJ42yYLtufjLQavtSDx9pXl+Crr58=
@size 783
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_evilnum_jul20.yml
@sha JBDfReXwhC9154ekKBCY7PNSIP9CCJN7uyqVkL/hC8Y=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_gallium.yml
@sha 7cg/MDivxwojcxtGfyQeu/vRHxDFy1E0haZhqE6gfkU=
@size 1094
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_gallium_sha1.yml
@sha +VmM765JDBH2tz3Bl4fIHLErZk7XRQL9j6jv25Vla+w=
@size 1878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_gamaredon_ultravnc.yml
@sha AGwsdZQFNpAS2QzFCAHIEDrQ9onYSdGeyJJsgMUOHZs=
@size 888
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_greenbug_may20.yml
@sha nuIYM8qOWPjQ3/A/p8wr6gqZCKWUUesWuNZQXGGkavg=
@size 1800
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_hafnium.yml
@sha nALmA7lUyUkqB9ftmDSNPeNiGGNNUIXZtwVp09fvYW4=
@size 2360
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_hurricane_panda.yml
@sha PE8JITbtE3uH8KiZasaF39h5U5xvjN8N9jxxjb1LIaQ=
@size 693
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_judgement_panda_gtr19.yml
@sha FwLlL+JmuQB2FhTkAurd6a6q/Jy9te4bA2AwuKadrSI=
@size 980
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_ke3chang_regadd.yml
@sha jG9sGlUt7CMlBlRw3eGnBjt6U9v1ilKLwi+a8PFTAJM=
@size 1420
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_lazarus_activity_apr21.yml
@sha dNyO+BS/G2BpXQp4FSyY4wQaibI1go4RgJvJfx2q++A=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_lazarus_activity_dec20.yml
@sha uUooloJ4NWMRfDHu4dOAqh9uyNRGnsBT0UlEmkLsBQE=
@size 1243
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_lazarus_loader.yml
@sha UNfrLGEF1q/ywqbMoFO4k8rbE2Bhy6J6FnNviyToROs=
@size 1197
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_lazarus_session_highjack.yml
@sha E87yx+MTNebDQIs3xbOOjv3exDIBpQnwA4+ECpDDI8o=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_muddywater_dnstunnel.yml
@sha uMauP6eK6A/SklOENIrM2t47IAKKGCrLKb/AMKruPYQ=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_mustangpanda.yml
@sha hPbKnBs2Vg/j8UsWwWkjhEMq/Tbap/if44+L9IZByA8=
@size 1086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_revil_kaseya.yml
@sha NwmSbv1YuhH94h2+w4wrsaxIPxMNXU7MjNkMR4mMN8g=
@size 1733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_slingshot.yml
@sha bpwOdkMrvGM29UY3BUlOhWJ02vofk3aO33XPO8tvgE8=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_sofacy.yml
@sha aioKgxXVchR7Q73eKCrD6iug/zM90x450kpBPuKKwjs=
@size 1123
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_sourgrum.yml
@sha EaZgMYN9X1QxgUuIKAHJsunmpXvxs2lCaTN5L/fxtgQ=
@size 1735
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_ta17_293a_ps.yml
@sha nubcOSdmMCAQa2Vp5b8Dl5OCdaBigO4rVVhDIP/9iNs=
@size 658
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_ta505_dropper.yml
@sha FL16eAcbXBRrPSzB+Jyx6669k7w2XCRLdQNF2vMLmds=
@size 694
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_taidoor.yml
@sha GOHYzm7a6t/0AjCL28JgDkjwXxZ3Wvk8Gk8AZ/dF60A=
@size 713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_tropictrooper.yml
@sha i63CeCrrwlnpW5VW+JhLlYRdKhJ9D3Z/aJXtae8cCYg=
@size 780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_turla_commands_critical.yml
@sha JAiulRhRusladmvQ8nP9mWo4Y2TzzQ/sqE7eD64ZB9Q=
@size 769
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_turla_commands_medium.yml
@sha Py6ZHuAnrutNQtYNvRI2zVj90zY6r2L2udHVRCHzAMY=
@size 814
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_turla_comrat_may20.yml
@sha BHCJsDrIDddY4Ez9+4yNRPaXVOEMmktylPlCBLhPYPg=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_unc2452_cmds.yml
@sha kqviyUNB7Esizrak9b7PASTEoNvHCmncnQkK6A8rR/A=
@size 1498
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_unc2452_ps.yml
@sha GONJN+hVxR9kpzSA8gMmT/PNXGoYiMHkaxdDG1Skx2w=
@size 1326
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_unidentified_nov_18.yml
@sha tM4gBzVy0wFaR2o1MlP5shDCl0oMI2aQGY1Wq689CVk=
@size 732
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_winnti_mal_hk_jan20.yml
@sha qRp7Vs7Iuc/vFz/W9ZU6Alx3i7Z71nsPBBvdhf797BY=
@size 1125
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_winnti_pipemon.yml
@sha qbsl5xBwogH+d4q9Xsfe87o6VLhF6G5Eqe19h0VyUAI=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_wocao.yml
@sha HJGPoFwFewKZ9uyLmgT9LPRrfazPiDG2qUUSHBUA5H4=
@size 1450
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_apt_zxshell.yml
@sha iG4D9K71UMIOWGehGHKzr5m2ezJo8aVlIYsdFDgSkOs=
@size 826
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_arbitrary_shell_execution_via_settingcontent.yml
@sha w+mp6MpM9Dj1vwzbyVSfJnhj6RO9p9CZKnZ7v3e4TGw=
@size 971
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_archiver_iso_phishing.yml
@sha aku8222TxLeG49+FCQ/4FmzoXPuKdWTu33q1QGe8wqU=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_asr_bypass_via_appvlp_re.yml
@sha pO/dyt/MB4J0BJF8u8hNP8OpoRSR70sT7Y7K6U4YoPg=
@size 1314
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_atlassian_confluence_cve_2021_26084_exploit.yml
@sha VHplDKRKci0weuNFX0C07Qdc8aaeNcCz3jMW3fZPTvA=
@size 1102
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_attrib_hiding_files.yml
@sha YipFc3wUXKhVcpYTn9Xvh7QG9vIyM8iADxo0ssmwH1I=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_attrib_system.yml
@sha V/pHFGLNx0YJYZDaKqUV+DKLpRJY7nLo0gIb6hUTGLI=
@size 753
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_attrib_system_susp_paths.yml
@sha MjNBR2YEo50yjLlwG+2C9t5mVRQhyxRekuVhdzj8w1Y=
@size 1475
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_automated_collection.yml
@sha 0ayjsmZx/TvQKDMz9RKeVOhaBkamTnUe9cHTT16lyDY=
@size 1247
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bad_opsec_sacrificial_processes.yml
@sha mSTXu5qEbjibRlydUgHDqUm+9Qj4JpAVInTCRg5lupo=
@size 2153
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_base64_invoke_susp_cmdlets.yml
@sha oMpdEAAbCauXgg5sZFglMppmC2glJv1P66q7wa23v2o=
@size 1227
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_base64_listing_shadowcopy.yml
@sha 9sPds0BZp/DiePcq5rLiTLLYZjUS5EO8zoHOFQn1lJ8=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_base64_reflective_assembly_load.yml
@sha isgrhwUL0sJaU/J2EPbldG5Up0UaPyCDN/07lzbw95k=
@size 1995
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download.yml
@sha 22H33rpwNSdO/tbeG4TjRcXH3bVR2lnfN/TU9rfs5EE=
@size 1171
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download_susp_domain.yml
@sha DDD4yiqOpZktOwxYsm2ERsCxdRfBVkKNuJgXi33EMcQ=
@size 1386
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download_susp_ext.yml
@sha o8rpcLuSFaCKEhzcERzmTQbXyBteZRvqweEFeVHie2s=
@size 1587
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download_susp_ip.yml
@sha ViVRcCnAatqsGfFNj1xYagcxotFEyZvEDg1+haGlTYI=
@size 1417
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download_susp_targetfolder.yml
@sha LUa28v8C5yEUaFFSanccEUt+6ZGNQ2bpi/8KBtb1DDU=
@size 1051
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bitsadmin_download_uncommon_targetfolder.yml
@sha PiLxuEpWltlTwDQ7FHPSsMF0VuJykexKiAO2CvICZNM=
@size 1139
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bootconf_mod.yml
@sha pKQIwRZl+izul3K2gyFBLy9yxm/P5e/LzeE81hSQgMI=
@size 1073
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_bypass_squiblytwo.yml
@sha 9lWazlwVuvzkw2qWc1ujGWFI0SNis1dY0wHnPezXoro=
@size 1291
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_c3_load_by_rundll32.yml
@sha eMnJ0a031PBoh+AtjOya20M6hXWLZ8pCI7xsx1l1Sas=
@size 663
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_certoc_execution.yml
@sha LqGPBrwzEv63nVoKZyjopL4HDs0he2mWR7rZgdkNKzQ=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_change_default_file_assoc_susp.yml
@sha A3kZS7paniTDaLWGerd4YI5d4N5dPW8NlkRx9T1t3MI=
@size 853
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_change_default_file_association.yml
@sha CldaTiVJ9gy3kylDsLh4duDzgPSHUljOmnkV7huG1PM=
@size 1152
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_chrome_load_extension.yml
@sha Jm9I8E7da8whCIf/7WeUf0PMQ2/V4+Uvt/TxHI9o4YA=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cleanwipe.yml
@sha FV5IM3MbYupw323MxrGNxVqtIJXsq41sqtKcUyT4olw=
@size 971
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_clip.yml
@sha tF0WyA0YuOHiTtBONRx0OJG5ysU4HiYRE8CNFMspnCA=
@size 674
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmd_delete.yml
@sha yfmz20iSiXh3q/+c4iCaiYyZKkETlSg8nmybsnZbAvE=
@size 1021
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmd_dosfuscation.yml
@sha npfFOCTqvC+pcRo26z7VSEndlubHSizAOKLS+8riAFY=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmd_redirect.yml
@sha wdlvBkx5x1p/ijI5bX8PZ192rT2K/ym8Zg3WwRcYy1g=
@size 529
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmdkey_recon.yml
@sha 8N4HBUhB2qlGrfV6AfA6kk0DYvPuqhsItWTCffnlha8=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmstp_com_object_access.yml
@sha YEkmRI4H3MFexISluptNmwwj7cNs7tiPJpUS1Y+j4o4=
@size 1631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cmstp_execution_by_creation.yml
@sha SUr/QLnPtPGTadCXWim6e+C+oIIZUf/GK2r/6gJ4oF8=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cobaltstrike_bloopers_cmd.yml
@sha 6d0+/UYwGfnRluui1bSV9g9bhEX+WEdrPwlF/fU5PUI=
@size 1085
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cobaltstrike_bloopers_modules.yml
@sha E+a4G57It/yHQ/2BfBOOZOLZNZBh5te1DRdcUku8GyI=
@size 1088
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cobaltstrike_load_by_rundll32.yml
@sha iaHnKn+Db8KjTIwZgoy1g1IW7vj6Dfr9+7vaE2sWt9w=
@size 821
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cobaltstrike_process_patterns.yml
@sha iuUYrH13RflMiUXTRzotAnLKBu/BMSyiVqYHh9P/nkE=
@size 1384
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_commandline_path_traversal.yml
@sha qnBZtd+MJCAghspWwakrWNtecDJoVUdoFBPFO1t3Ubw=
@size 962
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_commandline_path_traversal_evasion.yml
@sha q6jJoDCpBtjwOgY8ffwZXCjplDyd5zM9r+S241espyU=
@size 951
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_conhost_path_traversal.yml
@sha yRutElER2vb9e3Ycmj4zL6ovTvHLb9PkN1NseUuUU6I=
@size 648
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_conti_cmd_ransomware.yml
@sha nysKsyKN7lotgljDtaxbN1/mi4RzFY/IkkjxLs7cv88=
@size 805
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_conti_sqlcmd.yml
@sha +jStEGnNtvIpatwDipeihxWuS17s+SWJsZN5u9RS3Fw=
@size 1053
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_control_panel_item.yml
@sha lebIUn/dP0oeY4OUxhwkw7tV1gyzoCMqIlJWlHgQatg=
@size 1090
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_copying_sensitive_files_with_credential_data.yml
@sha 5PbBerHrk7KgnHeB6N6BKFcVmFFXbCua03tCHJX7Sog=
@size 1519
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_crackmapexec_patterns.yml
@sha pvtJy42zYza22NSslyqcKYdOCFY3tdrWarT+TPm7WTM=
@size 1152
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_creation_mavinject_dll.yml
@sha m5HtxLkZd6KiiCYQ7sGPXRdjeCkk/4Af606Z/cmwFPM=
@size 1102
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_creative_cloud_node_abuse.yml
@sha 4YWIRgf9KMnTF/RbxpXU6OpBAqMnHB9pts60jQ2wrmI=
@size 839
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_credential_access_via_password_filter.yml
@sha 9cFc3m1T525dPrsIz9FpKHl0cMREEWq+K24LwPL2kGY=
@size 812
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_crime_fireball.yml
@sha 9xAzOu0mDdvfJ816ccEmO4zNxmSCVB71pe1enIkzBvo=
@size 803
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_crime_maze_ransomware.yml
@sha 8YweWth1gyWlS/99OC43/lXj8fsCip+oNfYanG2EKOg=
@size 1239
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_crime_snatch_ransomware.yml
@sha L8JgVNK0Evqa1UqZnquRD6sYdzTdWgBnsL3qp9/Jkmc=
@size 806
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_crypto_mining_monero.yml
@sha e/jti4B2XrxjljvFHUCrrk1cg4g7ydV7keJPnqhw2Bo=
@size 1170
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_curl_download.yml
@sha ybpvwJhBdqTQK/6UK9mq4Lsg8QTPVLFrCzZjVlitgnk=
@size 795
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_cve_2021_26857_msexchange.yml
@sha 6VbK5MC2MFk/7loAUdqKJrn0cZpUV9k2P5D4NZUg63s=
@size 834
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_data_compressed_with_rar.yml
@sha WJTf5t/2hqIifhdG7AfSU8GcLfktDP7HrBLc1/6pojw=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_delete_systemstatebackup.yml
@sha JIBQekDIUpiD7V/Spl7IxzD9dZtWg/8OFzZNZND0bWA=
@size 974
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_detecting_fake_instances_of_hxtsr.yml
@sha xxaCEG8iRB5mm2X/HDksdfMW8oz8o04cQoVNpHqy1gk=
@size 1045
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dinjector.yml
@sha ILYy+0CiRd7/khxBMctVonnFpzSqdIRYtk/EeCDYPUU=
@size 867
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_discover_private_keys.yml
@sha HVMLesm9/QwnSYiis+97/sPUye6R2GnCdSqT8VBFRqA=
@size 1018
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dns_exfiltration_tools_execution.yml
@sha TUnJg4XbXVIAq1kbL+n9qEnva755ljg+WLOXlg6BWOU=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dns_serverlevelplugindll.yml
@sha 4zABJgQ05e1bvcL9sI5O458mBq3jHsthwI/pjjJFXD4=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dnscat2_powershell_implementation.yml
@sha srNCBTeLhI9x1rOnJIpy2BMJkUUTV0EEbiHgRfONg+0=
@size 1094
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dotnet.yml
@sha uLGBVQRKbYgzO1D7MkQSJRr2bcyRZyem5A6YktIKi7I=
@size 881
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dsacls_abuse_permissions.yml
@sha CaylqRARm5SZ2kGyJaTK7+2nW0T/0DFL1JHMTbkABiA=
@size 1034
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dsacls_password_spray.yml
@sha yMmaOuxTAkK35/sRTe/8TfhyOud0A9voDSvSd39AF3E=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dsim_remove.yml
@sha UBnmBQiiB6sIxYO0g6kFvhXVs5eNARtaWIY5mYzt/C0=
@size 1182
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_dumpstack_log_evasion.yml
@sha tXzSLU3YbI8mnd6y+Fpc2K3Yy1KFFDW9zwBiaNnLBD0=
@size 625
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_embed_exe_lnk.yml
@sha y5Dnac/W8MNAF26f8CQy9E4a7bDB+h09ntfzB2Q1bKs=
@size 725
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_encoded_frombase64string.yml
@sha eORJJ0Fo+DYFkciS9bn7JhXvAuqlO/sEudu6pqRollM=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_encoded_iex.yml
@sha EmojKM8IIRxdraEWj48K0peWltb0VbW+eHY9Av8lrMo=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_enumeration_for_credentials_cli.yml
@sha Ygrb99nlCBmYNbCLc/MvOO2+U1Yj0ESL8SvQMoJy+oM=
@size 1826
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_enumeration_for_credentials_in_registry.yml
@sha 8W+70i9T1l0S9vmkcg2V4+3iyad9YhOvyvVB2NixSuA=
@size 1210
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_esentutl_webcache.yml
@sha g4uYUw+Hkz6UHXA2cMVCzLYmn/Ty6KPVmyAH19Wtu/E=
@size 900
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_etw_modification_cmdline.yml
@sha 3cMgobPoqARCOuJkgNvC4ZaW5lYkGwb/qFRN3yZqXN8=
@size 1530
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_etw_trace_evasion.yml
@sha M8NDyyk1u9YnpjyU6OPZxLG5fNhcNu14fkBGCBccV6Q=
@size 1714
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_evil_winrm.yml
@sha kqU5tyqeuwXHTDgQbsq6V/MrtD4hnanr8Rug/cXdO1U=
@size 865
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exfiltration_and_tunneling_tools_execution.yml
@sha giGpdg02jyvhRz/YLgAzUliFwCHbkWOUicUeBvDnWWI=
@size 669
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_expand_cabinet_files.yml
@sha ii5732daYgBpy96+xELFRA0MViDDcldRVxYGSEsOiRk=
@size 1135
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2015_1641.yml
@sha 6iZL+E9w67o6zMxlhfPTthkkzzdyNaoajKPE7mqdH5U=
@size 797
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2017_0261.yml
@sha guScbvftpvIwT/2ei4ilYVCHV8cRq2hUQVpJ6yMhfOg=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2017_11882.yml
@sha VkJYnHOfLd2VfIdqMQU0mCs2/1+FXKSKF6XAZ45pckI=
@size 935
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2017_8759.yml
@sha bI74rKmCQoJskZ1gHok/C19+ICLFdK2hhG1bZaSWyeE=
@size 840
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2019_1378.yml
@sha Ps0XcZoIV++GdXvU4Hf99WOnnpLU0AcZJCQclES2rfY=
@size 1169
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2019_1388.yml
@sha L6mRY6uIUFhnqbrADEibdzS2aXQ4lfp5Hz53SMTAipg=
@size 1082
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2020_10189.yml
@sha IXMU4OyDSmc8DvDFL0a5jqCnFfRpOS/cDhEKqj9KpME=
@size 957
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2020_1048.yml
@sha f18g+r46NFNHgqmyz/658MNEqZ2cfJ4pcwgaEJuYtrg=
@size 821
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_cve_2020_1350.yml
@sha /heA1DAT2rH5edlXfNtRCpxrXeCEmu4CGngMSUj2xzo=
@size 973
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_lpe_cve_2021_41379.yml
@sha pH7ymCtqqZl7Aq1XXdezqAurapEh14NCpierRYraBUk=
@size 743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_exploit_systemnightmare.yml
@sha rlcxHvKZ3VXKNka5agWQa9xg7Kbk1azdHMAdM19FlBM=
@size 665
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_false_sysinternalsuite.yml
@sha hQY5DO//OgGyRaJz/mflE2IzDxSED356zdyJX77aPZY=
@size 5189
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_file_permission_modifications.yml
@sha 9buKjWE8o1y0IdRp5Q4fCY59xuuut6q3tbL9c1b2Le0=
@size 1294
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_findstr_gpp_passwords.yml
@sha 4jW92rRUs30pPYNr6p/Rp2+iE1EZB0h7HC1pjEl2yrM=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_fsutil_drive_enumeration.yml
@sha dReFMs+mtYNNiRbnQHN0ut7v82o68AnK44/1Isb+Wn4=
@size 931
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_fsutil_symlinkevaluation.yml
@sha 1H8IE585nItcICnpwrLjk9A4Hy5UsOxSh1eQlX/pPUg=
@size 955
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_gotoopener.yml
@sha DKDqdDSCNiU75SfvRwP1P4TrmvS7OVKUwQlU9NdL9e0=
@size 1210
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_grabbing_sensitive_hives_via_reg.yml
@sha NIcRnHRIBpWBEqyRJkSzsHlCx7aL4PzdI767hu+PgVY=
@size 1535
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_adcspwn.yml
@sha 6TZ2VMBp93HIap9ThPOpkSKL7hMslXjcH6wmlQ8fnf4=
@size 680
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_bloodhound.yml
@sha g0MaJ1XpIhQjyOTh2dUIB2reDwyPYCNPH/CDC5O5nQ8=
@size 1159
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_cube0x0_tools.yml
@sha 7WOZEBJAED2XFBGV1/pKJmX4hBy2p1gtSonT7s/2FAI=
@size 638
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_dumpert.yml
@sha t2N50rOymAOxg31udVvq3LjGY/xUn21snn0zkWzLCp4=
@size 682
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_hydra.yml
@sha OGWCDkGLqxob8lekS88pfVVXfqAVbsL38Rko5YaL1hk=
@size 792
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_koadic.yml
@sha Rk1DuO+C5hngQvF/PxpfOhE2+KgtptiaCuQxlG0gZ00=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_krbrelay.yml
@sha OXutBgGn9QWVxnOfjfv8Ci+mqHhzubsSEATs1+mnp5A=
@size 920
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_krbrelayup.yml
@sha oihZ/vtsLJLvkZNJXJavfLJfMCSvlDIHzCXetk7YpVk=
@size 1098
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_rubeus.yml
@sha A8AgaF7SpSohur2zyWVa038JuT4IjcKzNwT2DFFXK5o=
@size 1017
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_secutyxploded.yml
@sha FMyXBpVSZaWc+LknfRBZyiLTEMkV/bE3XiHqBna+jlk=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hack_wce.yml
@sha WPDdaBKJDHVRf0/60Ga1ZSChq+EOxQ3PWMmre58K8zY=
@size 1073
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hacktool_imphashes.yml
@sha Q6zLy6iAAWM/blTfaRPsn+UxhjjHIcU1NMNEk/IHmXA=
@size 4221
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hashcat.yml
@sha TNf/VHSeiokeQAonJrzpLR2URckb0J8LBcuywCO2zQA=
@size 919
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_headless_browser_file_download.yml
@sha SYDM5V4EtZKkl0W/kW1vuMiobnuyepA+ObHBMgky55w=
@size 799
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hh_chm.yml
@sha Qs6bdj+FnOw+KzE72f1Bp1NNEbwS5LLownMm/oYtiZ8=
@size 801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hiding_malware_in_fonts_folder.yml
@sha H/AmDKcQ2M24b3ISjVEDMRWcfQxND2bPbhGnpZr3TrY=
@size 1425
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_high_integrity_sdclt.yml
@sha FhsQwnU2vp4mEdsn/FfCGaDo3EZOQ9jZc4NRuWjqu78=
@size 827
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hktl_createminidump.yml
@sha c4FR+RDlnPjhYV4pPJOn+05xYsdkSeOSaFEPOpuBeh8=
@size 883
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hktl_uacme_uac_bypass.yml
@sha Vvln+5u4XslMEOvLORtcsga/hiEf6Y4hXNQ6ithUlRk=
@size 626
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_html_help_spawn.yml
@sha T0RbEs8nv67G+zu3DIePh1xwP2ar+OHTqhDPdyZv1UU=
@size 1011
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_hwp_exploits.yml
@sha WYoBDP77ekGUjUHx77L1XVYIcMMMS7SjnCXr0778Ir8=
@size 1044
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_iis_http_logging.yml
@sha IE3Hgfh0QLTuvKrPyLMmQibmhx3k9RhFnwzV0QpFR8M=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_impacket_compiled_tools.yml
@sha 6wqaojfn5M3ByCUQpBG5syVGf3Fg8f70zSQfQYL9Kr0=
@size 2503
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_impacket_lateralization.yml
@sha OuXfNe00XUXocTArBkqRtP+6SwoT99hRNcjt6LHeGK0=
@size 2760
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_indirect_cmd.yml
@sha 78uY+G9ah3RswL8t1T7082XlFVYx1AsjyXcg5RRLXdA=
@size 1003
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_infdefaultinstall.yml
@sha HOQXQIS9FuPxN8kLqhaB6gNXwVuA6z43991Q5Bwex3g=
@size 885
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_install_reg_debugger_backdoor.yml
@sha QxpMtjpDUqcbakMddOhiUeiX5Ba2aVfjYRsIzcrBed8=
@size 940
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_interactive_at.yml
@sha pNS3TF/TJEqZ6kO359/zZrP9PGjKcTjsTI2rxz7cyN4=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_clip.yml
@sha 5sdZx5ifOeg64in4kAXEA2ba7B4BZUM3kJ7ZJj4VgIQ=
@size 662
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_obfuscated_iex_commandline.yml
@sha LupXL9pd1pEa1pbYavKvnlw+PdapOYpT0wHi6LUiQWk=
@size 1160
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_stdin.yml
@sha ZjynN9UwqNs7uYWJDRYuzOeug7UgHSmSLjHjHlWAl/g=
@size 641
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_var.yml
@sha s7qR3errdgVUoduAqoQI18qPMEnx7LKo5iFafNE3lZ0=
@size 683
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_compress.yml
@sha eH8JESy5r70hsA66edjQQdrQYe+P9WwOtOUulUuhPxo=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_rundll.yml
@sha Y9XRwuxgq5GucXFT2rO6Bq5flZL0Ab+ODmBwJFteSPE=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_stdin.yml
@sha vpeFOv1eAeEPMopRZRbvfyCQwk+6wI3F3qa9CZs586M=
@size 615
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_use_clip.yml
@sha UjNCn2V3J35xvV5kBHFTG/oRZ0y9RLBnnIneZf/2pTQ=
@size 630
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_use_mhsta.yml
@sha rEgQLlVHx+h0wNL1OezQECpD0hOt2KTkfVVc7p3dJqs=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_use_rundll32.yml
@sha 4TTxDouU1Z5cffKylp4RLORH2yyVeOKTd549SBAdNUM=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_invoke_obfuscation_via_var.yml
@sha gbKRtn7t4jqlXseIKvV2eejcMqSm8j/p8HEwNIAO4uw=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_jlaive_batch_execution.yml
@sha RIaicydAANf0q2CfqDcdZea3nBYJ+NL3LdU06pcGVy4=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lethalhta.yml
@sha 9TLCM5VJpuPOuG87co0VaviVzeRDxZwMKp37k0NNOy8=
@size 586
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_local_system_owner_account_discovery.yml
@sha FKO2IH06iQZn/QKjWycOs60GiSKbhhR9WM2+mW+m76g=
@size 1994
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_logmein.yml
@sha 52eRaXbUl8laQoMw4EgTzBlNLgkOdAmN4eQyfD2Pdc8=
@size 1204
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_logon_scripts_userinitmprlogonscript_proc.yml
@sha RWhwAjEn50IAnaLykt1dt3PyL84itXZaY8o9xhtgat8=
@size 1015
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_adplus.yml
@sha I+qolbSBlcgQxkao+82Ip94IjxKmSK5seDRFVowoniA=
@size 1150
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_aspnet_compiler.yml
@sha 3BSuIw9h60E3FcikHuU4z7Yu0/dg1UV/7LW6UZlvVs0=
@size 642
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_bash.yml
@sha KbVBzzZapXtfOeI6WeBcFzDnONEMIB86fJsh28CldR4=
@size 598
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_certoc_download.yml
@sha EA0+StkHyeY7bc5qPupGVPqWRoslt+QGBGyq0W49S/U=
@size 666
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_cl_invocation.yml
@sha stFJ/Af/zJgLTMzuS5SrteWDQUoxixqFZSz/O5rhCIs=
@size 844
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_cl_loadassembly.yml
@sha 7DlHkqKY6OXZri883/HcBePnqC7hIM77TLDfUH2BRC4=
@size 757
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_cl_mutexverifiers.yml
@sha 8vWFncfdDkaAwoyFmro/GM+ifzRMgkFXH/B0UP0K4Pk=
@size 685
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_class_exec_xwizard.yml
@sha gxCw6k2vlX3XGqnOEfJ+wB4RmGN42xtNzi5ijWT4ApE=
@size 713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_cmdl32.yml
@sha Kl4ITTS/7r17EGTMA9ZD11q7cToweEw0CyxyJg1UKlU=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_configsecuritypolicy.yml
@sha e4ukdS0vteC6t5RFjl2iPMo3Nh+FRzOnlZ0sTptBv5M=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_cscript_gathernetworkinfo.yml
@sha uNa+WZ+iK5NF8QyjD0VKB1fh05k7SQatyMs2RlmcZdY=
@size 884
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_data_exfiltration_by_using_datasvcutil.yml
@sha i8Wuz8GueasAZnQMzSwPUy9p2IuHIo0TiTh6t+2GUbY=
@size 1668
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_diantz_ads.yml
@sha J9ry80PbBAW4vSfgpN0fehro/PMT3zQLtJXugj0dwI4=
@size 674
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_diantz_remote_cab.yml
@sha BzVAFf3FJ44wySAjoPpAFjsWgGKulI1/ul9TRIElVgE=
@size 644
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_dll_sideload_xwizard.yml
@sha wk4LB1TkluDzb5REL9RhrLxNi1ERXRbK/KF8cPa3xhY=
@size 780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_dump64.yml
@sha g+Pn2he6uxMeD4AiU4sa48jD1ob24g9HOgbQmbtzxcs=
@size 887
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_execution_via_winget.yml
@sha /Cp/V3VN/vVJC/Au0On3jJviXQNSC6YeEGZ04yZiwcA=
@size 1216
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_extexport.yml
@sha d2dMtQeyZXoGnm0X9L3g/wxP8LtqW0Ac4Kds79vOfs4=
@size 666
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_extrac32.yml
@sha TMJAh2o9se9wnX9oGSkaxNUFceRgcyi/l0juwAWuFSQ=
@size 806
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_extrac32_ads.yml
@sha Xwc2MbOoIy399iTvyPY9PHjTia4RcyWc18sd7PeFTz4=
@size 643
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_findstr.yml
@sha xAOVzZqSWL34dOuDDje7rMrKE63YLhV+WmcMI+sUgI8=
@size 1469
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_forfiles.yml
@sha vfWCIb9SSo3cnXkb7izNbAxjBkwD3reZRZcDX0LBldA=
@size 1071
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_fsharp_interpreters.yml
@sha KhweU6hHkM7Ao89fQSAV+wDPFYCe2Pd5eth3n32Tnb0=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_gpscript.yml
@sha CW1FQf3x0rBZoe+GV46MgnQG8kYm2p2EsqjkecGyrr8=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_ie4uinit.yml
@sha 7AdpRnUlRcxrTK9ftThieLyehniqfAvYeuRmilTyNJE=
@size 996
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_ieexec_download.yml
@sha PNeJ4DkZrZzEpjl6orK/fcQ80SOGf7HgjA/kEzMt07k=
@size 636
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_ilasm.yml
@sha s07cCnzpWQTVQ7xuwQ36XOzR9tuMSWp+MEHd6LG9AfY=
@size 652
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_jsc.yml
@sha DvginJRZbfAr/RmMbihxkFbEQbvAHUyy3EfMLuyJx6E=
@size 615
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_mftrace.yml
@sha ttthmtivlRUHqWh4ot3C96eAiNvt+XghRuVe/NxlZ0k=
@size 980
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_msdt_answer_file.yml
@sha nQkdKhO48rq+rGTXaf6k+zOLiT4FegMAx49GdEgNFyI=
@size 976
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_offlinescannershell.yml
@sha pD2TS3edrpui59kDKjlMBQFGb0pOKwYzoXA21VypqYw=
@size 783
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_openconsole.yml
@sha b0xw9YigipHdVQXYp3Zkwk4CrSfSMJPHeu9dpm6LAt0=
@size 817
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_pcalua.yml
@sha 84tTp+tXhID6TrFtWjt2dcuNMipCFUgeou4DYwWb6/8=
@size 883
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_pcwrun.yml
@sha yH9NODWamR7V/raH+/QDjKaO9FZxaOs+o+riqe90oro=
@size 888
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_pcwrun_follina.yml
@sha 4SC+H8qAsGkBXCGAxM7HcGgTLUz+pRw2tT1G0qRAJIo=
@size 691
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_pktmon.yml
@sha BPKcPMoFFJdEDYG3Y0H6wRZiW0McgH65Y1t6NcdagVg=
@size 568
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_presentationhost.yml
@sha hALEuyx0BMwkOkV3Cg3B9V+qdkXOxuQTHPBW9oCK78g=
@size 1062
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_printbrm.yml
@sha lT4Fa/07wZfslj2QvrBwqU99Uo5M9+7WP5PvVJIouP0=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_pubprn.yml
@sha Pj2ByVqPcGX7yy2EtpRUfPqNc82El9dFy2/nUTJeRno=
@size 585
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_rasautou_dll_execution.yml
@sha h4dJ8hRJgJyxKfqfL6/y4yEH5tVYb1wQxlujWL2fu7k=
@size 1337
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_remote.yml
@sha id+KwutYtiqJ8bjRxzElIUx4Ncn8T+kkx8jhw1mQ5Bg=
@size 784
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_replace.yml
@sha D5ZuJ64rIg4q2eep5qZd2i6jO35h87cW7p+fxD1etJE=
@size 758
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_rundll32_installscreensaver.yml
@sha Uf/XNaBvedHvKLrtaW1RPiPwtuRZ5hzUifvUDVxHQVc=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_scriptrunner.yml
@sha uYNimabczYeoIDYStzZ3E70MZ8IeDCQX18DpuKJYJxE=
@size 776
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_squirrel.yml
@sha 9Qw/+lMC+sWc8zmWE93YAxcxWoZ1CfLPN1hUMld9Sto=
@size 946
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_acccheckconsole.yml
@sha eEVyLhBMHDXBS8rtNSln/5nT0285cyREFVIoLDZQRW0=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_atbroker.yml
@sha GJDkO9zRJEArpkBE+ic/9MdwZRS/NsKiuvMGawXC8iM=
@size 1564
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_certreq_download.yml
@sha XzQ1fVjlXqSVQkx514hVga+MlpgMTpG0yN/87P91rhM=
@size 900
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_driver_installed_by_pnputil.yml
@sha LEKg81SgtyxG5V9adROGjsFEGE8eu2P0cgdAdXj0uCE=
@size 1327
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_dxcap.yml
@sha RJdo0ljUs+7FA2c+6aSnUzfnXj8bS31pBZA5BOANBEE=
@size 853
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_grpconv.yml
@sha b2fTcOmckkoL6J//JDayRVouwALUZvZO23wyZCjw9Fc=
@size 656
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_mpcmdrun_download.yml
@sha iUrHgmxfScKOxViiKWr4JIvAIfDfNGe++bGsSS7irHQ=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_sqldumper_activity.yml
@sha P3yzt6wi7IrK7GNcpkpvIDK0uAo+dLqxLdktgLwl0gM=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_susp_wsl.yml
@sha OhjQ2uxAW5pU3rHH5cZsY9sN+lWn2PgCxTIr19B4KOI=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_syncappvpublishingserver_execute_psh.yml
@sha 9s0hnHsYFFn2yG81qp/9mK2sdmfvw75rTh9kwxLCEV8=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_syncappvpublishingserver_vbs_execute_psh.yml
@sha aq/BTX7G6cGRbxDNWFIKSfrukzHnecmbB+au8ArxCHc=
@size 902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_ttdinject.yml
@sha dsW6C59PwJ8QiIgVDuF5C6+WD6SvqcmNM6Up1ASj5DQ=
@size 631
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_tttracer_mod_load.yml
@sha U6PjxWPcF982nQqhXTO8mbU3oZ92dmRyaoBnzsazVi4=
@size 989
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_utilityfunctions.yml
@sha +MMxwRBgo0lU+Zm2IQO4FK8vn06O8OJ4h7Va3zI7o2k=
@size 623
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_visual_basic_compiler.yml
@sha cuS99zrZ+OeQsE1NklDyGDt0SYCgMb7Bdh9E1XKsp3o=
@size 735
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_visualuiaverifynative.yml
@sha G8UAraFvuM4GVDhH/6ahX1gUxTEVTPBrUC0D1/E/XOg=
@size 1112
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_vsiisexelauncher.yml
@sha 0qBPO4ji3fJVEPfB7q/gLSg7+bAVoMZ1DJfVyQ3/7N4=
@size 775
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_wfc.yml
@sha YU9uJAkrk81Mmx+2FAoYb1UEPMqCHcIXxKvR+GKX5J8=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_winword.yml
@sha vkGB6H6Gq5owRx52G7hiFiMMASVUuUtj7PgnfbuCtfI=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbin_wlrmdr.yml
@sha FatQJ9nleG0Y8nIXb9nEJFFF0h1jewdXerPeeIsA7gg=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbins_by_office_applications.yml
@sha /MO1CYxOuITjZMFgewyU7xe/9/XuZtlAOoI3PifMRgg=
@size 1456
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lolbins_with_wmiprvse_parent_process.yml
@sha kIAKYdnU+Bke4ydrrwzF6ulkp9gX+qJhGutrzaWFlCw=
@size 1101
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_long_powershell_commandline.yml
@sha 1fC7xLR3yX6FqDrTAKIKUj2o+MAiBTVKWrNJSI50HfQ=
@size 748
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_lsass_dump.yml
@sha SXNQS1mS82h9EhC4XwNMTLR1SwMeKxbm46n1pytiz0c=
@size 1256
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mailboxexport_share.yml
@sha Hx06b5TaH6ua1fFBX9kto+RiZ9/GIkvzDhpF90MjdU0=
@size 1008
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_adwind.yml
@sha oavlpfWY9ChzrC7LbpIhOsbKhym63uEQoyw3FzpvNUI=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_blue_mockingbird.yml
@sha jp1hrw2N19YygvFzBnRjlU9+XZbaMCR5An8qkCwaUWg=
@size 834
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_darkside_ransomware.yml
@sha mF2unLKQmBnxyxnD/4s6UJ+1xWnMPecM5y3agtiePEA=
@size 999
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_hermetic_wiper_activity.yml
@sha XNDdxvVpXJ8jwf44CU9rmoOMaZFgB0ZzWt+/SkH3+iU=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_lockergoga_ransomware.yml
@sha LnaSM3fYGSXEbhVoWuOJPVi7743PCufyHl5pZGWQUH8=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mal_ryuk.yml
@sha xJTgLAdaOJgXjotl/06ETlxzN3WzsJ20f46mIScmFMc=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_conti.yml
@sha EyOI1aYaFscEz9fbZOa8t6NFoBVZTPuxe2DldMUaie8=
@size 790
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_conti_7zip.yml
@sha oFGGfLum5WJDd1xZ2RE1cYdToEh3Q7af4BC4xPdOsHs=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_conti_shadowcopy.yml
@sha oKpLdLkDB+VBmFmDiX6h5vIz4yM/FMnIrmpUMWD6Yu8=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_dridex.yml
@sha neJT2uC+bsQt9Fr7EC4h/OPFP0mv851yhLtFz080BMQ=
@size 974
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_dtrack.yml
@sha tCBN2FwTJMAqwwYdo3i0LHX0s7Rt0+Ndmln+Beodycg=
@size 704
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_emotet.yml
@sha EVN7X9u3p1Mmyg3eHOgXbI1b+GTtGy9qOqO4+duQayE=
@size 1430
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_formbook.yml
@sha oQZy0sGAPBvuXjIJDtgzv1MGfj0kM4YHcfVF5XgIJHU=
@size 1739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_notpetya.yml
@sha jPw0r5mCS+E505pic91gMxGBgILz6N6dhxnQtqWUWwg=
@size 1215
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_qbot.yml
@sha 8lfBkKFhuq8XL5Gyd6KJL2vQmIAdbflRGegX7AOLM58=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_ryuk.yml
@sha Lpk0Kt9Obw0HUrXVwj/13vikeMBNekzPoFhib//Eo60=
@size 611
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_script_dropper.yml
@sha 73rqvEl9+AOeLZck9fm+M4325j9Nnyrdfbs5VXDxIHk=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_trickbot_recon_activity.yml
@sha 3GkHSwxkf/eDE3tEz2cosjU426WUvTdMOM3PVM3XSlw=
@size 881
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_trickbot_wermgr.yml
@sha sKo7J0PgiRlzRdK5XThf7TvsLDYemzHT0xuDBsdFxcQ=
@size 722
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_malware_wannacry.yml
@sha bmsNhdZAVTiB68yyXvTk+ihUKq7/UCHwgnvNqfgkPFM=
@size 1551
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_manage_bde_lolbas.yml
@sha ydYiyp3jGIt3dQOckSH2mB+Ddyaiz2/l7xqFjg2p0YA=
@size 988
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mavinject_proc_inj.yml
@sha ZVPFLQ8Uv5fIU/i8qW6sG4VJ3JK0WpGAd5mm6G6AEIc=
@size 661
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_meterpreter_or_cobaltstrike_getsystem_service_start.yml
@sha /G1vbcnVgKehB3fMa9zh8DHcaXupdQo6jnPYdsHyW4k=
@size 1944
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mimikatz_command_line.yml
@sha xkE8TgMPGvdjdA5vNbzNpOQgGTqZ8QkoDSHWD3UpQMo=
@size 1771
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mmc20_lateral_movement.yml
@sha jQO5EFxWlxKehVnAC2frKcEarO6GFBGzp6gdBbi6EOM=
@size 885
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mmc_spawn_shell.yml
@sha harH4OyGyLXEbvXcRX0K2qxWSQrS2moHpvopBKqz/tc=
@size 870
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_modif_of_services_for_via_commandline.yml
@sha gT11oiz89IlcFDfhqIn/1hRN65aPpyKyKWyqwUXflnI=
@size 1843
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_monitoring_for_persistence_via_bits.yml
@sha Yn56FyK//fotw8BZiRru26fF/MFwXLfw25WrWMXK7F4=
@size 1587
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mouse_lock.yml
@sha cUVf0sNhCHyKPGn0rc8I4jF+M1AFfVrEDJUeWHXAn58=
@size 920
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msdeploy.yml
@sha fbkkxauSMKutCarqG4uUp9XYn4+Oxs1qsRM6wrsNXds=
@size 879
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msdt.yml
@sha UCwsukVmaVjEdxi+MHEbDkqmdNm50EbYNfbW7w73k/Q=
@size 1191
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msdt_diagcab.yml
@sha 1004WanTQ10L/SqYGDvgL3hzwZHHQlkQHT6WnIDCcoo=
@size 860
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msdt_susp_cab_options.yml
@sha oAqjp/43MUrWQSUdKi7cPZhxUNpLJHR5XH7mzBzdae0=
@size 829
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msdt_susp_parent.yml
@sha aXbGPAOARIFVZ5X+6CwcB7OjMu5aWY9mqGsJT1Mb5/I=
@size 986
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msedge_minimized_download.yml
@sha POyj005Y3EZpFEm2UiQHdWIQAn3/OqAwsoQr266m/SU=
@size 728
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mshta_javascript.yml
@sha FAtLWUZpJUMbxbmg3+UNx1+c4pqC7VdkqKJu9i4B5OA=
@size 791
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mshta_spawn_shell.yml
@sha WvOBJYvH+zL5h7l95aOli1Q7pY00ENKAJ71kxRIu6K0=
@size 951
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msiexec_dll.yml
@sha Bm95LS5NeqYH7FklYKVI43Yy0HsGyM5CauS86Fbjc50=
@size 752
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msiexec_embedding.yml
@sha ZFQw/YmwNl8re1vFKwzeIvux4QD0F/u8u9SPdg83Skw=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msiexec_execute_dll.yml
@sha y7+i9QvYvr+UzYfC98sAYMdhP+aafXXWZmOLpLfFnRg=
@size 1461
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msiexec_install_quiet.yml
@sha qI3sd3X/7x1h+Ba0ZARP082iVBHrNQjUpIbyPooWvzo=
@size 911
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_msra_process_injection.yml
@sha Wjfvsl5AwLBmSzmMEfTeAHm4/5jdF9zGG2PMNFgs9k4=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_mstsc.yml
@sha ZdFxcogGnAlBKeMo5BZH5eYuYu2EEm4mbcjaefBKKyo=
@size 1200
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_multiple_susp_cli.yml
@sha uTu7y5BI+c0IJfPOJht1rNZrej0sol7l2Xf7fjWksBU=
@size 1620
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_net_enum.yml
@sha +t+n5HdQ2ho2Ih4+DE6OAipgf5Zz5mySR9HeEY0HQaA=
@size 967
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_net_use_admin_share.yml
@sha 7J/s6qwtHnqA2GCsrwkD53gcmr3gvpJ679f5ElDcmUM=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_net_user_add.yml
@sha qq6qjCcmeA8k7Q94HeSyJb95JjMkATT22p3JxtqnCaI=
@size 930
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netcat_execution.yml
@sha nrO2ZJubOX2ucuAZff5MzT4aHJtKJ7/VybmHNtB0KcU=
@size 1095
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_allow_port_rdp.yml
@sha P/YZ3uRb+tHtt+5hUCpIqBne8MT4l6hj+qR3VIlQzeo=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_fw_add.yml
@sha 5BJp1o86ysFWyroUJmk7zXt4or1w8nQvyfwVB9aHg4Q=
@size 1186
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_fw_add_susp_image.yml
@sha JA87qHXniFO7gMWTwdE3ZQnnl6fWlcvN2GGy1R2d9hU=
@size 1818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_fw_enable_group_rule.yml
@sha 2KH6U9Q6+P9wu3QBfacCKozcgrUQUdQcC97Lz58JkxI=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_packet_capture.yml
@sha haKAKnPQdZY1hFNNaA476TPRAwXIXF3xGeA459dZv8A=
@size 791
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_port_fwd.yml
@sha ZMEEJmCP4jw9qJz5VvmAGrJtq6h6PMS+Al4zspy+F6c=
@size 1269
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_port_fwd_3389.yml
@sha +4w9Qdnqg4iI6zQXcLYEhWG8XtMyz21gdcmWc45aFTo=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_netsh_wifi_credential_harvesting.yml
@sha rqTStR7Z/W/78NH2vWgUu+e2iJ9Qezn6IvkKlEqtX9Y=
@size 825
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_network_scan_loop.yml
@sha VHY1EX5UJ7lZUcU7S+ar25/M3rdrWbf0XxoaHd5Wcz8=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_network_sniffing.yml
@sha tGSmGrVwaJhRivTikaiCHxzcTAHGcUfnLGX89T0TBQ8=
@size 1029
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_new_service_creation.yml
@sha EALC6dFXOUyeStW/vroOaYaVuuv6RtHI0fRTngS6QXk=
@size 817
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_nltest_recon.yml
@sha 78TuQHgH61pJcIAXX4yq/CjI5/jEjaK8g3StU+8nsNM=
@size 1378
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_non_interactive_powershell.yml
@sha wc9iL4Ub3PHsqSVYCjVphKtdA1IqCn6KMGxAsdflfM4=
@size 850
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_non_priv_reg_or_ps.yml
@sha h6Cm2orYSA+kW8BKWHA7xZMeRT1qcFWFwB/LEayxAis=
@size 1287
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_applications_spawning_wmi_commandline.yml
@sha QzDW3dhdEE7c29hk197/+nxHRVupcE7ObLQocuoGZLE=
@size 1139
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_dir_traversal_cli.yml
@sha wNUaTeupE2LsLaf1reuhP+8i3qgl4Osx567gHeSXxq0=
@size 920
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_from_proxy_executing_regsvr32_payload.yml
@sha 4HCQ9+wemev2xw/hXKUqmBi3ciahGGNkrKTzYoLwKyY=
@size 1706
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_from_proxy_executing_regsvr32_payload2.yml
@sha dUyjvlKL0S0ny1hW33n+j3SNNGsVmSX0svdR1v6qSXI=
@size 1662
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_shell.yml
@sha yjhvYuseaLQzabnG0uEvxKfFZuIpwQxeYX/CA/E9JRs=
@size 1750
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_spawn_exe_from_users_directory.yml
@sha Bev9fIa+i0E3gAQ3EO/N9zsFJqPNEph5wIxIE9ANY/E=
@size 1171
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_office_spawning_wmi_commandline.yml
@sha OhKpcwqjrrTNSZr2U/FaF3cD4BUBxoh+oSbGrZhfHxA=
@size 1181
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_outlook_shell.yml
@sha iq706bV8kEtsAhxD+vWPKOO7XivMQhP4ANTWbL39G6w=
@size 2375
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_pingback_backdoor.yml
@sha Cv7mgYxkZLIEG4qLd0xeR6404pQJMakXkdO6nbJALk8=
@size 835
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_plugx_susp_exe_locations.yml
@sha lUPXzXw6Oao6KvCeW6zc9NglK0nmo3UzbIxBbtTeJQg=
@size 3218
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_possible_applocker_bypass.yml
@sha oxyjKPN41CTzb/qVZatBJfhOIACqaVcSTa81RhDovWQ=
@size 1337
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_possible_privilege_escalation_via_service_reg_perm.yml
@sha whoqMgC+USbCQIMdAbNqV+N22hmDEJMPcRng9Yhcg2A=
@size 1169
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_amsi_bypass.yml
@sha ZSVrf3G/KnBt92/r3Xvc1s3EMDGd997mFntORwmZHRY=
@size 812
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_audio_capture.yml
@sha 63sw1aZqMF5aDVSwQCmXwvsY+U6pXSMBjJ7Ldr0sj5Q=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_b64_shellcode.yml
@sha ZwOYOIRJq5S93hzuDJkPFnNJVS67nV9Rw5RJa1Ecka4=
@size 617
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_bitsjob.yml
@sha DDPWpeO0/z2t5VWsjOkFFIvYPTjVxXhUpd9aQjNtyKY=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_cmdline_reversed_strings.yml
@sha TUBud2QiNfO6EUCU6l9LnRJNtTbvnFN9Lo+8z7y4mbQ=
@size 1287
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_cmdline_special_characters.yml
@sha RzcRaAduG1N/NExdDoeskIImAqYhN29PdFncTVNX7dc=
@size 2317
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_cmdline_specific_comb_methods.yml
@sha 92C62fOraBySp6Sey2EjV2iO7+wakIH46fgln1GiZzg=
@size 1450
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_defender_base64.yml
@sha e5SeobzIrBsQyZ8jfiMgD+yn0QE3+EgZuadioYYuHMw=
@size 1848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_defender_disable_feature.yml
@sha +daBxlTTK8FJu/kKx+IB/llrqFhgtwbJ6vrgz9nwIoM=
@size 3703
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_defender_exclusion.yml
@sha eN9HUihVLe7xdsx8aXdhAYC0nmhmBLUqSq3K3jtmJbw=
@size 1185
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_disable_windef_av.yml
@sha SDq8Un80kXLaNll8psJHgwbh/Dv7RrSAahMSyLXD/zk=
@size 1515
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_dll_execution.yml
@sha UzmDVmmYTYA/5OeTmsAMx77phoMYLRbOHzU8KbqOCaQ=
@size 756
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_downgrade_attack.yml
@sha JPmvMlqvSDyUBQuHVm+TgVUctIyPnxItQVo4jjBN/pg=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_download.yml
@sha ZxfahbbD8KScCC0ZCbUsLEfD4/r+9mOLwXSVuVH4wl8=
@size 722
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_download_patterns.yml
@sha rRr3lMhNjd3Jn/0K2s3pB6i+GOHzrgQTV/RoYH67UcU=
@size 1189
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_frombase64string.yml
@sha Q1j2l09a6gTPWDG3+rWo7a/nE0wRpJ4j+UBbjk0zmXk=
@size 624
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_get_clipboard.yml
@sha 95cIAU3sTUveCut/T1rjPtN6aIMqk1YMj9R/BMDwhh0=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_public_folder.yml
@sha Z+qn2Ex/9uoyh5fvbv6l+av0nMuLuIcenOkl7ZuocJo=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_reverse_shell_connection.yml
@sha 1RF7aPkK6zJWSLrTAFYMYrk9YWIN7WmEXjLj1weL4AQ=
@size 903
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_snapins_hafnium.yml
@sha 2jFdS2dQxWpQN1WKBr6qqFsZgSnwihIg6Mn4EJLqAqU=
@size 904
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_susp_parameter_variation.yml
@sha aILrrVtjKwJhWUFLbLqPc533q8HOxeu2FtssNasrKEE=
@size 3135
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powershell_xor_commandline.yml
@sha cEW0IXjXvTJiaouHbPbGu/lITaiHnTKRuThHcXxWwlA=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_powersploit_empire_schtasks.yml
@sha 8gch9zwSn1y8ajYxTzm5/iqJv6gBtFmTir0B1QXACJg=
@size 1407
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proc_dump_createdump.yml
@sha ic5YKvc38Rx0S/9Bw0jyHdo4H/z2ae8jykOf0F08vi8=
@size 838
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proc_dump_dumpminitool.yml
@sha MkGlgMFrY2p/Dix6xhY259MZJnmddXF+vI6lfZxcehw=
@size 843
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proc_dump_rdrleakdiag.yml
@sha RDKCfqgnrd1ZcxHp3dKCX2TM4deop24CuQEt0W9917E=
@size 824
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proc_dump_susp_dumpminitool.yml
@sha emfhdii0Zr1No0L10WereGlTu+T4hCepV3Wn2AiR8dU=
@size 1193
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proc_wrong_parent.yml
@sha lU2SRXY9zyt7R6BfucLt7j1okpcuFSkWkN85udluNzY=
@size 1593
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_procdump.yml
@sha uAw11OW+4us2ajcbLvZSDmfEdMlePwRleXsvVp4zy+s=
@size 702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_procdump_evasion.yml
@sha 3pu4sYhvOr+Wr/2jX0u/no/TkhUQBibtbvDzdEE+/g4=
@size 1189
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_process_dump_rdrleakdiag.yml
@sha 8EEI/Fz3YEtPKfCzlMaI3R5VR87fJ+qMtbf1ANVGHGU=
@size 599
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_process_dump_rundll32_comsvcs.yml
@sha RHpZfxW/LRhOKOMqik0yRrMw6SRJa9bvOShPsDOf9jo=
@size 1268
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_protocolhandler_susp_file.yml
@sha k5Nrz2S7vQVhNe2qD7tTWeKlWIbt8J3hUwpNBJhI0IE=
@size 835
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_proxy_execution_wuauclt.yml
@sha E3scDFpvggObtPRE3StkoudNVUBw6ZhroTbdpuWYl0c=
@size 1328
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_psexesvc_start.yml
@sha wswiCch4qE5tBeC0sdXm+WvNRAGlbCAxOP08cj2WQVg=
@size 452
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_public_folder_parent.yml
@sha ZtRp/nxPvEtmkgCqj2K/MRckzCAUHUQYMcRoXvQrVy4=
@size 757
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_purplesharp_indicators.yml
@sha 3iBj68C4b9HvbzMc8GFMkw/u4+Ieb7mWq46H5VJsY6Q=
@size 668
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_pypykatz.yml
@sha df3l7tD2/ROg5W3atyKdXrOB57dEWuFfouNu0PZPHuU=
@size 879
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_python_pty_spawn.yml
@sha Nc+z3tIzNlaRSoSTyzXzCqD4p96BfHhG+8VQybXBViQ=
@size 860
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_query_registry.yml
@sha 4BQ02OeyvgNyGydMVylVgBTdj1s244nn2TSGWCGWzQU=
@size 1219
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_ransom_blackbyte.yml
@sha kqN/ldttplTQWHncyyYKzNomqDMDNPzD+cYJTocny2I=
@size 847
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rdp_hijack_shadowing.yml
@sha TArtOrG4WgAcqpAp3PmgjP8NsPIRzni1Yo3ED1vYL94=
@size 637
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_redirect_to_stream.yml
@sha Qt8Yko9s9832jlP2cZsZsof6EUjuwbvEzUeVm4BbqYo=
@size 658
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_redmimicry_winnti_proc.yml
@sha DmzwGAXnNrBIzPpuZpLDbfP0fpGmdHfYBOAtrFzYXiw=
@size 687
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_add_run_key.yml
@sha Dpi7a2a5Y7SwICBwK7xSu4nBz6apFGlT3819D4c5jS8=
@size 739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_defender_exclusion.yml
@sha fpMVOH49nYYFgpoQKZ2dHbf6jZR5/h0nrEDVnq0/wCg=
@size 993
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_defender_tampering.yml
@sha /14SriLuOxjlRLJJJXzSzRYV8EG1AG7rhJ2G+hwigFU=
@size 981
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_dump_sam.yml
@sha xe4Hf/qt2jgRsp1Mppw5o2x9XVWom6uaT9uV3s0nuuc=
@size 881
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_enable_rdp.yml
@sha lhIOxdaEtFikUgbvtoKozmH2/D5wCF/4AnKvzHBN00c=
@size 1292
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_lsass_ppl.yml
@sha o0mw/x1AbtZc9Qrvw24lkaBzJB//ReX8gfbqPSXfzww=
@size 905
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_reg_service_imagepath_change.yml
@sha ah+XjSdNRf/rCasGsiJbcL9++ypboeY0KjWsujzXH3E=
@size 1230
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regedit_export_critical_keys.yml
@sha H8VA7dhdYg5GkqOz5W8y+qH20s5Ezm5glHzK4KIgIAo=
@size 1007
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regedit_export_keys.yml
@sha zKPnI96HHU+G7xusETE1+mYBNXeErbkBlzZ4Qq3sM2s=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regedit_import_keys.yml
@sha RFxyN31Q3fNW0tykhR5LmAxpHmwh/bIIrrWuExFv5gA=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regedit_import_keys_ads.yml
@sha 9HsPFnzFGX/flGXf9JzZe5FkxtXmRpCX9jIcCvEmF7o=
@size 929
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regini.yml
@sha MmaVmJ6BkPylcSgOihjhleRrgM5F/BXUr5GPUFIv4RE=
@size 1060
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_regini_ads.yml
@sha i4zK9vL+wnMDm9wW2IDNoXCfWv6EUvLlDuvp8mFdmUI=
@size 985
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_remote_powershell_session_process.yml
@sha 2jKY0afHylWcLceK8Tyh0C18Bgk+eb5wpooPI/8VDrc=
@size 918
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_remote_time_discovery.yml
@sha AcH2SH3kyUwB3XwEvSOaFUdauHqk6l8+gMudf/T4ypk=
@size 1086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_remove_windows_defender_definition_files.yml
@sha 2uj2m9UG2B1qyRnsPxzub7ojAnVQK26mPa7SzNa1hmE=
@size 933
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_binary.yml
@sha vPlkWqEpUel9QUCLjhUI7QR0CibRUifLzrfm0O+Ql+I=
@size 2027
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_binary_highly_relevant.yml
@sha t+l4ur2KPAmT53BpvA+CqAmlbY8D3M/XV6q8VgKrgsI=
@size 1536
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_browsercore.yml
@sha XdZgqYZ/rVREnPpZqHj7fW1nX2bTmySJqfCMYnNDV70=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_jusched.yml
@sha yvqnEhkOR+uFkU7LYP/WF9h2L8nTHth5yj5G7AlNIs0=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_megasync.yml
@sha P7E3cevSSswA8U3nd0EIakOHIq2HpgOdRqhZsBXEC1U=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_msdt.yml
@sha Zr6fKHP7pJyLYI4KDwMNP6fuiK2Mj3xT3VEktWPWfps=
@size 569
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_paexec.yml
@sha QR2lRuaCeRIaGhWwpwSU6ZWOGZQ6/dJqAslwwW+sVU4=
@size 1217
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_plink.yml
@sha N65ZXy7uogC7yZSY1i78MyJxt73yAzx6qdViz1YhHGE=
@size 725
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_powershell.yml
@sha n8nev1kQr5zxHSIpc0FdmjrN9vgeUB/6hP+HUYm1Hag=
@size 831
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_procdump.yml
@sha LAzgIcfEeMIZyOdYCVbC8tNIQ+0xU3i8Vi/yUPesmfw=
@size 999
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_psexec.yml
@sha FlFtk4bFD0qSwV6HGNjPTAHjVEr8qxTvcJjBvVVz//A=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_rundll32.yml
@sha Q3pl6mya5Y+TTyWl54ugnoaxJhzta5tfjaYGDRkpc+0=
@size 604
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_renamed_whoami.yml
@sha zH3llznh0rmwT3waPshkkCiK2N3F8LTg3evq0Se9Ock=
@size 769
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_root_certificate_installed.yml
@sha mRlYwTMYLlM8RKXsLJF+mvvzIkPC1YS3+qVWqHvDxts=
@size 1282
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rpcss_anomalies.yml
@sha ru0a0iJ0Vh8wfOPLuqYS/z1En7W/FEvzVbAKSRg5Vfg=
@size 944
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_run_executable_invalid_extension.yml
@sha k3T21EfjVMY/m5OpwV+73POZzYXfpDq26FQnM/VueCI=
@size 1369
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_run_from_zip.yml
@sha xl2Nj2DkwKAxmR8xL952gYd3PRpdJLLzFIUvaVeW9R0=
@size 597
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_run_powershell_script_from_ads.yml
@sha L/DcjDjjzG0ATZM9E4z9G8UVPYYFT/oLuHlgUTrdBGU=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_run_powershell_script_from_input_stream.yml
@sha XcRTTTGlM/3TD9c5EaGQsf1XezC+lWZY/a8GrA9rk0Q=
@size 824
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_run_virtualbox.yml
@sha 2EyucXAFZC8aSP6BC2IIAMRB5m2m/Rkm4nUdg25LIZQ=
@size 1298
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rundll32_not_from_c_drive.yml
@sha dIJlKuxHjdjeCZ+w2Ye6vziJHRKOKo4uiAVTlceRRBU=
@size 806
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rundll32_parent_explorer.yml
@sha XS3qG1f40eC2IG4qwM0pHENPfxev53wP+Ald5k2RrtM=
@size 762
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rundll32_registered_com_objects.yml
@sha RBeHJ7Atq0IAKRSfxop5v9uxrvk9HZEbNV8RSLSQGi0=
@size 814
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_rundll32_without_parameters.yml
@sha AAyo2GaSEwKi3h6OYbYbDCI2aCWJHVEPT1aqGVWAJkU=
@size 758
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_schtasks_appdata_local_system.yml
@sha O0zzexjJop3IwTrmZsoUTtavMtbL4eNNR8wLZ1Cgm2Y=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_schtasks_powershell_windowsapps_execution.yml
@sha 3levquZ96Y0xp47o/HPsWeG9FsqMPGXd9b+CPLB4nvk=
@size 1071
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_schtasks_reg_loader.yml
@sha oEAAerFLlP7fULFacxNyK3kqLwlZkUX32OdbNc1WXj0=
@size 994
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_screenconnect.yml
@sha Qu4HFV/ED7CKqFR1BpcaBy9JQrFzbduD1sj57fPvHvA=
@size 1250
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_screenconnect_anomaly.yml
@sha fLyMK0GP1MOZZunx02vpDbe7jps1kso+WSu38kQ6Nsk=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_script_event_consumer_spawn.yml
@sha 8MgKLMw/3eV3hWHg63hLXo/XxtTg1b1iOmLccCN2WoY=
@size 1109
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sdbinst_shim_persistence.yml
@sha 4ryJjdoGWkhLkagJFvvF0kZyZDhcrRQ7MqfaFN1nImE=
@size 976
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sdclt_child_process.yml
@sha ZaePcItxWHuOatYVoVlufNkEif9OfYdFMnAb8GYXw/g=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sdelete.yml
@sha x578xw4pkkrtY0RosoJ8tAjHRyCN9AHI5FCczH3CIaU=
@size 776
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sdiagnhost_susp_child.yml
@sha 2VKAV2aLWqxkekjU1u/37tR3EXEXvTGJZRgYzuQ/4X0=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_service_execution.yml
@sha i8ZhxZFmjpPJRwhr9P22va2c4j17bQ3ChkyoF7dXyxw=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_service_stop.yml
@sha qTOTz72uC+rByxUbGLccgU908dQ++7XIbvauzDlrG2c=
@size 1074
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_set_policies_to_unsecure_level.yml
@sha MqYirLfqTzf8QdneL2MwiFG0pZ7aM9KbMkKGvXh8h/0=
@size 1090
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_shadow_copies_access_symlink.yml
@sha W3uitkAwNSQxyjvNFYTWD0YH36A4E+SMulBBabHfSiU=
@size 754
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_shadow_copies_creation.yml
@sha fK4l/yPjEWAoAhHmCzeHDjVOQvCldh1Crag9iO8NF4Q=
@size 1019
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_shadow_copies_deletion.yml
@sha ZZfGNDrULNsDzMn8TZo23pEE/GjjyOIQfTvgAgoCXtU=
@size 2536
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_shell_spawn_by_java.yml
@sha eoKbuEkcx3MKRqs4frv+HmGg8z2wGuONb0udErbDqTg=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_shell_spawn_susp_program.yml
@sha QtKsFSXVjtKy1KxiouFTrimUvNEvoE9yP7aI5m27/o8=
@size 1618
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_silenttrinity_stage_use.yml
@sha TJJrgPqMuktqVUGGTUsofFvg3K/ytoc7Yw0i5E1FZBY=
@size 543
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_software_discovery.yml
@sha umBvAPBcpurLjKmiiEIyZbZtHbQR7WctTn267TOt1C0=
@size 1136
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_soundrec_audio_capture.yml
@sha D8U/OLaHFxOoaJpCJX17ELzJYVyzgwRNikzY+fF+GjQ=
@size 793
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_spn_enum.yml
@sha WbPJnyl+mjXVcMyjkBvpUBpX4N5r6R3F98Nog3EeMM0=
@size 779
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sqlcmd_veeam_dump.yml
@sha yLEKHTZQ/YUDeh1JNj86ixLVT161FXRBGdnKizHIs9k=
@size 780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sqlite_firefox_cookies.yml
@sha n4wqFkcy4fOATANowa/hwEkG7nDvCl9xaZkFJoIMAtI=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sticky_keys_unauthenticated_privileged_cmd_access.yml
@sha +rLMoWA3w1xM8XLVgB9nci0ikMSayC+lRxqqltklEPE=
@size 974
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_stickykey_like_backdoor.yml
@sha NM3DMh4bBvvgSWAGcYd3v+k/9gkPf6h6bA2XvhJPggw=
@size 1153
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_stordiag_execution.yml
@sha lNhI06DUzZIaDHWm7rwzPxGEgpIt7ToZlasAo+wbJNU=
@size 1019
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sus_auditpol_usage.yml
@sha AOf9paQv109QAe6UmDezE4YB5M5SZ0h1Xj0oXZ7UV+U=
@size 1224
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_7z.yml
@sha YzsOgHtHEzSTcMlAI5IcKN+Rh+yWiUgDvoUVQbhvvjQ=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ad_reco.yml
@sha ot2eZPXtfJbz/ZrJFvp0Nv6KuE2wXDXOyJ6Ue2c7tL8=
@size 1036
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_add_user_remote_desktop.yml
@sha FCkI1dJxj+Iok3yBIdLVLMeGb/q09/ST4LmJvgp8I6o=
@size 915
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_adfind.yml
@sha iE1432bOKzxJiTQ72PiCUym/u3bXqdiMnNeWz+w+mp4=
@size 1060
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_adfind_enumerate.yml
@sha vxmNR+9G7rRU50hZchqKGU4SHSHWRiSBW77QzXfPnHA=
@size 1190
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_adidnsdump.yml
@sha axPHd8r4YDpE4uCr52PEwQsGJTE1wo0nA0PG0Nqlmsg=
@size 826
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_advancedrun.yml
@sha r1gIEfZwaJ5WazT7Tc+8YSbOQZfMUEcD8+jH/Po0dWg=
@size 1018
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_advancedrun_priv_user.yml
@sha sSPfAlXRZgnb9TeZ5R2QS1lQ6qMGvhU2uvWYM+xyOkk=
@size 1246
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_athremotefxvgpudisablementcommand.yml
@sha FriZO8R0iSHqZBNxqR3m7c71AjgP9zVzMHMoZOeLFik=
@size 1249
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_base64_invoke.yml
@sha g0DQx9fE2cv/7zErM3L9yC5IfmJtGg+/L0RBZ2q3ToE=
@size 1419
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_base64_load.yml
@sha VWAgKcrRZecPbhTXwGmMAJY907b9tDGGDtHZjFf0KB8=
@size 1739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_bcdedit.yml
@sha W/0j89cAJLkSoB7QV20olTr9Qp530uQPbPj8F38lQcQ=
@size 852
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_bginfo.yml
@sha A6CifecQS+KfVz2brdPyem0aPCBrOxBUiCCXelflb5Q=
@size 797
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_bitstransfer.yml
@sha XkjxzIvWmwofsU/BFKxFtWUW+Lbf4Z5gKtLTH/DP4T8=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_calc.yml
@sha AwxstaQT6nWU2jmTR+1Pv58wCqnyGrkOC1ktY+bvpSM=
@size 751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cdb.yml
@sha WNp6pJmO/MTSR5E3BjO2WSe4rw5m2yywA6IYfDqzEQc=
@size 1048
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_certutil_command.yml
@sha burC4QRv9KpxjBrAEcMxaU6TD8uZczKRvJaZ/rZJsmQ=
@size 1706
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_certutil_encode.yml
@sha GJkcMMEAQUZgruLZzy3K+wMQZiBTquxLacSVkh7J2go=
@size 801
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_char_in_cmd.yml
@sha geS0PyaSW6aTyiEMGD8+dv0zPbAHRiKaJqlLAZDswOQ=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_child_process_as_system_.yml
@sha gMXHMCLkCmGY13nq1CpHmcQ9HMPG6LJ9Y1RJaBso4x8=
@size 1406
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cipher.yml
@sha UcnqKnfMZEGMC18kdjo3ItLGcu7zCIEVaJzwg87FTuE=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cli_escape.yml
@sha l1EW9QTJ2bo86+K47wvSCyeGlaAfniIQEEPBd7fHV0U=
@size 1081
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cmd_http_appdata.yml
@sha WaKEyMUkkVaqlT0hvQQSbenH/REmAs+pOmBBMzF88N8=
@size 1116
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cmd_shadowcopy_access.yml
@sha We+t61W5Jkj9LVb1Pka9e9OCObpJXpdMJZL30pLAO6c=
@size 787
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_codepage_lookup.yml
@sha CQ3GYA2PbWwTbS8uHdYJuTRqG+rAJBpFh3Q6U/PMHVQ=
@size 875
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_codepage_switch.yml
@sha DIFgeHz3wrpTxwmeh3EgoLDYPzLqS3iW+K2ochdiZCg=
@size 991
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_commandline_chars.yml
@sha Naae/WcOvkx9PqtJmhB2+2FRXnMQA7KjSDgTMOj+cp0=
@size 965
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_commands_recon_activity.yml
@sha n8H0OFJjk0obd1TbTPEKI8mPv0KXmeYEWz0LPaHP7Vs=
@size 1343
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_compression_params.yml
@sha h6KOD7epnczimcgMSD91X+0bU3Fc8/b1+XauWRDi1ro=
@size 820
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_comsvcs_procdump.yml
@sha gqgs60IqMeKvhT34sCG/Hm5b9h0ChexfBhd2ojzzlcE=
@size 931
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_conhost.yml
@sha Hc8GvIZAj7ehpPUxLS6uhzzEplaVpfX/0MrSirUAIug=
@size 792
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_conhost_option.yml
@sha +vQMcrjCIfHQTPbXDYQpCmTwENGANSJNL+NxCJzoZuM=
@size 768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_control_cve_2021_40444.yml
@sha Cd71HITCI76hNjDwzrfNN38qxabSx4Qqkk//AmZfiSM=
@size 964
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_control_dll_load.yml
@sha LKd5nEI+mny1XMGQpMvrdG0+WoXgAKMZaaT6EVAycwo=
@size 735
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_copy_lateral_movement.yml
@sha l0OEcXuaKWCrmEdCO0wRjuLXcQD+xrPoQLZqU3m9msI=
@size 1185
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_copy_system32.yml
@sha lh232TMYvVmxsWNZPiiE5ovPrXP8QQUETkhmgKJ3zVA=
@size 1208
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_covenant.yml
@sha APPW5WWIGZzXQ1xpDGgUHo5e2W4dKUt38eQJYnMIG04=
@size 897
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_crackmapexec_execution.yml
@sha 165Fr5ZRWrshK747i1DmN3vLWhegqGnbChtPFrSWQv8=
@size 1363
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_crackmapexec_flags.yml
@sha L8UH98bYvc9tp6orXJLdkA6bgTnc8MQ3X0Kbl9sWpNA=
@size 1730
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_crackmapexec_powershell_obfuscation.yml
@sha UkALvucB3b/p2ajc4CFiNXUGymkBQ+Trbbx05wh0DJA=
@size 1135
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_csc.yml
@sha bamN6FQbINhhxw/IOkmpTc9sxN6W4v0TxNUdRFWUt60=
@size 727
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_csc_folder.yml
@sha XI4vclSYk7ZYMrVMkoOqeYi5NcHOuoPTnlHwkJtSRmo=
@size 1699
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_cscript_vbs.yml
@sha 5ftZfACwiBlTie9e53BYwi36rwWc0b+XUn72rZ6jP6s=
@size 600
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_csi.yml
@sha wWeUj2Au+vk9/vm0MYM9GnuEJ0vUJ4t8BMhEGEbZYDw=
@size 1452
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_curl_download.yml
@sha hUmD61WeffMjc0NmgDLZonjiVCkNenE45+QqnOwtQ3M=
@size 1532
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_curl_fileupload.yml
@sha fZuaLyr4jqs2A2qOvLAUkKV/z6uFBT0BEcSa06oKL14=
@size 1137
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_curl_start_combo.yml
@sha Wlltz3N8R81cq7zwUA7WZGTmjSpzJAKRKBQ7vWXxAJs=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_curl_useragent.yml
@sha oQODXVLqW3ufHXOnlo6UZH8kEpMKA/erLokPloRsmu0=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_dctask64_proc_inject.yml
@sha dSoWqVEHr0KC+frOEzaoltiB2ajEPx9qqYQsWmDarlI=
@size 802
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_del.yml
@sha rvvIoqVc0MwbFmLVgA/3iKf8YXmCTItamCiHAMwJoOg=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_desktopimgdownldr.yml
@sha yOdsZ9TQY08IrtldAjaMN4BT+uTZYwa4/zxOYeOk7wA=
@size 1061
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_devinit_lolbin.yml
@sha mGWuf3q2rxb6Dsnxd1MEpmoRISAHGMoAF0G9wPdQhwA=
@size 670
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_devtoolslauncher.yml
@sha kStUEfiNjC7NEJXA3htx6D6Dda3X5wsER2/n0X2F5NQ=
@size 770
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_dir.yml
@sha JDdXNmrLCVqVTMogNncJs552URo/wI97tm4/ZxSzdGI=
@size 570
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_direct_asep_reg_keys_modification.yml
@sha gQ68Dvhegx42JX+l6VC9MpaZFwMRqqmhnZfi1hjBsTk=
@size 1751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_disable_eventlog.yml
@sha y5hT+oGNokUmAvZcRBg1uANWZPRCi8ZN3LJts2iU8Ko=
@size 975
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_disable_ie_features.yml
@sha fxUBPQImtHtt2YDqzZWpYU5jzdX0ttn9QAlGhslr/HI=
@size 966
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_disable_raccine.yml
@sha wpbKi7X/n7cp3ZCPRzdJ3mQ7TPo7/EpC8qbLKY3ELz4=
@size 949
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_diskshadow.yml
@sha gb1GF3M4rkE1XcnXoqYC7EzSzybwmxWXKSv77WgJvlU=
@size 1057
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ditsnap.yml
@sha 8dreNyUAOxKpDjdUjOsKlEDo7d4eH9thtaN95LuRYWQ=
@size 688
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_dllhost_no_cli.yml
@sha 4M+Ig+cQvFU9Klt5pZdZsqhD8KOXztp0gLs7k0CKUpc=
@size 857
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_dnx.yml
@sha Se7QmqbvL0FYh6Kwl2n6VaaVXRLw4vOLa2eDpSAxMC4=
@size 714
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_double_extension.yml
@sha rj2Yw39NfYzPjyOwK1UeaSGaInNjdV232eI+rYz3m/k=
@size 971
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_download_office_domain.yml
@sha 24MjYw5VhHn9B2SkGhPKTG6g29vPERSl25xQz8zoeKg=
@size 1097
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_dtrace_kernel_dump.yml
@sha dSVe/qfYE+X4cQfG75PT13wJCVcdT79lsSmqW7r6/tQ=
@size 811
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_emotet_rundll32_execution.yml
@sha rRoZGf13uixC522uiowsTcX0jwa3f7aIVItTX3D8oGM=
@size 1274
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_esentutl_params.yml
@sha OSfThlQiDGZm5OEK1eCw3z7CQZ7ugKzqTX/IHoR0yTM=
@size 942
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_eventlog_clear.yml
@sha grW5YJjd+7I0p3w6XpsamWFVXJgEte7SGctHJCrkVXQ=
@size 1595
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_execution_path.yml
@sha uagWVyykgdvQjJ2Z2wRBCU+TZDqnpecXSk7ZyPYZxr4=
@size 1702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_execution_path_webserver.yml
@sha xD0qyvbRf7JSc/3U6gL0JvHV4aNltHElwWIRy9vL63k=
@size 804
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_explorer.yml
@sha 2+Zb8AX1jJSJk2WCvXPeEn2NPT8SJFC9I9fuyYGcROE=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_explorer_break_proctree.yml
@sha BiVDzS6613hULsKRILxL8jS/0sPgzNDX7KEJPJlq6Z4=
@size 1162
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_explorer_nouaccheck.yml
@sha mHD0+nOugqQjkhJXNcwnGVN65e7U7LMJzCs9dI+8pYQ=
@size 982
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_file_characteristics.yml
@sha P2RfF/lgtR0QSNEyHYcqSJ3X77t1i1Q2Dk3v94E7E5s=
@size 1036
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_file_download_via_gfxdownloadwrapper.yml
@sha gnQZYzx+b4sjK0wBnHvTg5z5oaXpvuOPpAcjYYw8awo=
@size 839
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_findstr_385201.yml
@sha 36LZM+ydWfAGy2ZPeMKzpg8piC5TkYPmUXlwDC1F17o=
@size 713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_findstr_lnk.yml
@sha uA7hxN5p4YP0g59hY0wYWpLjrLgcKzq82MUPQ2kcyBs=
@size 753
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_finger_usage.yml
@sha hV2NmpD0cGAmhLyUi+RMv57FFzjQlcjhpHXs1gDLlHs=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_firewall_disable.yml
@sha aZBHgLjO5N1vZ674iwpBaMh8rWNLSbCEk1kCCuYWZIY=
@size 1024
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_format.yml
@sha PdWZrEVQssGTLCmCmnE1JNI8D+h/eEpkmzFt9el9QTU=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_fsutil_usage.yml
@sha RTcS5XxRK1YE7joGfAUSEPWCci4RjndCnGhhPVJSCgI=
@size 1252
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ftp.yml
@sha 9/M8b+/fw0tMBgoPerDX50eOX5gQJJdVDdSJ8yAXD6E=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_gpresult.yml
@sha Y+j2Lma3FMcTTMX/iqv95itOpCO4Ld99C6TqdJUtYNo=
@size 1000
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_gup.yml
@sha vB66zmue747vEHIzDl8JBYlqBt3SWn0T48eTSc2x7E0=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_gup_download.yml
@sha EvFftBQg+7t7c/xNcLd0xIpLxoDcNl2P9WlN05VCx1w=
@size 909
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_gup_execution.yml
@sha aotrYgn+zvlYRRzeL3VnkKCfJaDsb2GoxbdaM2/fhCM=
@size 779
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_hostname.yml
@sha VVytWSth6rMm1VmGn5KpRxE2f9ADj61iwGyHdahqKyI=
@size 663
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_image_missing.yml
@sha ARiEnmQ5NgbWnh2NbbbatkugCsW/avCHpWFgrsfBtRs=
@size 956
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_instalutil.yml
@sha 4yQS5ePy9suorCwImNyVtMuQSq6rpmkaBNl6I2tVMcM=
@size 828
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_iss_module_install.yml
@sha KvX/1xwzVbLyr3UDw9sg03wTgJnIVn2JomfBK2Onrn4=
@size 784
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_lsass_clone.yml
@sha JijNfUVkku+ymRRPxurIDelStDSDnmggeTPLW2qVGhc=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_machineguid.yml
@sha v+YLZS2HGsuZj0LwghKtH1XTBhvkYEse/dxJJC4MF0Y=
@size 702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_mounted_share_deletion.yml
@sha ZhdNd9fwKQRvOyPeNZIH73Plugjjj/gLLWpfPGY+ZlM=
@size 852
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_mpiexec_lolbin.yml
@sha 9WlTDQ0Mwzql1iwmf4TDis6Um3eYh8u1v+9hz1PCwpI=
@size 970
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_mshta_execution.yml
@sha 3sK6y8ipttYXdNBbGOHemQVKt21l/PgKMKa5WgEHjzE=
@size 1368
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_mshta_pattern.yml
@sha sKaf6ZU7epK+GeYkLw/Tn+QDpdx9mNqkccK+FGE0wsI=
@size 1401
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_msiexec_cwd.yml
@sha dWQJzjaFQw/+G56fx0cEKylvD8hr8RFQbBoF855YVe0=
@size 675
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_msiexec_web_install.yml
@sha +xxoAOnSmbZxQbrO3MJaodoCjetf8tK8/Zgaz+hzrlc=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_msoffice.yml
@sha aMVHCGn26JpViJJ1E5Ix72cIYoX5IiGF2cs+/q8nbCo=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_net_execution.yml
@sha RXIzAkDZjuHXhMJtaoU1PxA3zulW2rsKR7AY1i2fT3s=
@size 1820
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_net_use_password_plaintext.yml
@sha WQCL2B3fvbGeI24x0et3+Dd2inuWvj59vqO1Hajm6Aw=
@size 695
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_netsh_command.yml
@sha jiKJxlicl6uV7ZZDBYnqW02w6e517VajPjSpWa/awIw=
@size 1008
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_netsh_dll_persistence.yml
@sha P7D6uoPlChCkqI2XXnWyZe5oe0KN/hl/Rc3qAwdwe68=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_network_command.yml
@sha OyyDqFppeaE3sYYDGI1gD7brAYCA9dBeOXWpeQW+xQI=
@size 983
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_network_listing_connections.yml
@sha YmPSCFX5SQH2GgRZ7LXOReE2AjDWyoR9L+QEgXkyVII=
@size 1013
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ngrok_pua.yml
@sha JeSDKg1DVDvz2pwqlaQhRkJRbcrMhx3rvD/1s5ErqXc=
@size 1726
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_nmap.yml
@sha GEmta2xMKp8gVI3rMHHC8/YtXaRuckUa3SIFr2sE+c8=
@size 720
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_non_exe_image.yml
@sha mUlKOgxEP/dttEBKhISgYSpkAMljeTk6rlMmIV8I5mc=
@size 2891
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_nt_resource_kit_auditpol_usage.yml
@sha GhQ/3aZ5dzagOmuPbziQGdgDI8eCax0UpxYDAQ/PhK4=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ntdll_type_redirect.yml
@sha qLD4w2iC7wdgLGwKXs9SemjUCtOe2Otcye36sHsvkGM=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ntds.yml
@sha uwspJ5vtWYodWHU+tBJtpyD3eeh+BnvQTUcJrWbP3Hw=
@size 2233
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ntdsutil.yml
@sha BBOVOTD1C20ll1ZY5uRgBsIT0KpJI+qqHdWdZnpygm0=
@size 662
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ntlmrelay.yml
@sha 8kuvJ1M27xO7O3+aK3tdrwRkikh0lSVasOLQPhQRV3g=
@size 960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_odbcconf.yml
@sha QwHUuFG8GDaHWm8kYpROs3X0vNEQnSPMRcDI59ZkQhs=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_openwith.yml
@sha K3tgZvgCT06KM8bHR3IKPH0j/GetA/IRGGq/DcrsJiM=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_outlook.yml
@sha ZDFdfOnwQkEKtqQ6V0R0wHh6tW/AziHUyQoEsgmifkQ=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_outlook_temp.yml
@sha PJhe2c5oURZTT4+Dwon+JibTT5nTebXg7rLL5D9ScVg=
@size 568
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_parents.yml
@sha P6PzzY5j4/ThZPzty3EyGYDTAkrHxvj4BlDfKJ8Bt9Y=
@size 1235
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_pcwutl.yml
@sha onsjmhdPNGhClXDFKglX8YxNT7OJzYgy5JFyq4OfOOY=
@size 776
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_pester.yml
@sha aZemlbDywesky9ao+ThsHFfbyFp3kPuU8wVKpRsmgDY=
@size 964
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ping_hex_ip.yml
@sha 9m2GffXDHl/+p6KUN+Tr7hRbqVoSwbkqOTMUQ9Qh0W0=
@size 713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_plink_remote_forward.yml
@sha an9IGLj8R9/qr3H9J97QBQ54UJpG4hxyeSo+Oqm49XU=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_cmd_patterns.yml
@sha Ugar7B9YWFi8GRnIswezKJrQXDkFAezOePYKwtAW1uo=
@size 964
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_download_cradles.yml
@sha zr/lvPZFwSLSHECszT+8K1CHGzfdPLtfTEdgW5vF7b0=
@size 605
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_download_iex.yml
@sha JeZPSuTDV35zggyLUV/2ftvtX2RJkpI4XUb/MCBLe9o=
@size 884
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_empire_launch.yml
@sha LUFn6AO9ZwrbVAw+yCtV2xeGjYsw2SYSJvy814NljkM=
@size 1312
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_empire_uac_bypass.yml
@sha cqUxlh9SeR17zhzN1VHV9XnyY7f8JqOl/TT2am+Io0A=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_enc_cmd.yml
@sha wReqXLtwbPebqcz2Fiyo6Xy2LfMFj8BDjiIfiB97Dro=
@size 1374
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_encode.yml
@sha 0xmH3ImL4QVqa1quXNzzU6yYBwBG9k/ti1xW11LdKcU=
@size 1080
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_encoded_param.yml
@sha ZoKRusPC6g95vb8eInYRAa3Rhyzvrioc/YjoKtmo3aQ=
@size 591
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_getprocess_lsass.yml
@sha T7lRzhGtyP1VBx53yHq1+tkUQOFFTSPlTQ6+NvrjdyU=
@size 602
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_hidden_b64_cmd.yml
@sha pXew6eSyMllqhwg8aRnbLyQf4WoLhtl7yC029nuTDYg=
@size 2452
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_iex_patterns.yml
@sha b8RGspWbCaj582kb+hwIkqswEy6N1vlNt1REmo+Q8G4=
@size 1159
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_parent_combo.yml
@sha AHP4THhnVrlRzG9inji6PNBS+vORfNJFndqDgZ+plso=
@size 884
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_parent_process.yml
@sha dlhRnv+HU2bsWQU75UilMay4nG77qw9g2yWn59Dfu6c=
@size 1523
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_sam_access.yml
@sha StQ5zIFsV46rjHlCruhmKs8nJijhIuXldt2hyYkOm/o=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_sub_processes.yml
@sha BzLsAUKgWPuK5KdwY9dUY4p9NCMjMKm7qTCHgNlaNOA=
@size 947
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_powershell_webclient_casing.yml
@sha qJYpWRW1KcrMk5XUHCU+0xOjfv3D0hcBGXwiPckmykQ=
@size 4882
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_pressynkey_lolbin.yml
@sha CVwpifGtuoOxo8OvcsjAnk2jX1Ot1rd3SCG5Pky3x1s=
@size 978
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_print.yml
@sha v8q1gR7EYFZb9O0g2LvF6UpoApepbSs8JRnjhUX8l+M=
@size 858
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_procdump.yml
@sha gVqS8j3aNzfA3C9ZL/iE+RKncVRaZk3eT0+JeVYdIys=
@size 888
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_procdump_lsass.yml
@sha wcmZgcGqB83JVunl8EGyXt6omctmrMpaFnJzfuiAMYE=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_progname.yml
@sha HkmvV7piz67vfhwdvB5RxmxG+tfdQVwhT/KfV0wIwDA=
@size 1743
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ps_appdata.yml
@sha z8WA35fdave8mLJhLuUdYGo/rhy6xV68fw7YJY1B/Us=
@size 963
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_ps_downloadfile.yml
@sha 3hut94bfR/bTwKKxsGl7/pw2Z2Eys5wWV/pxHCjItVA=
@size 787
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_psexec_eula.yml
@sha B1d+8LooylyJ1xjX1GvuX1e5ZfLt1A9KiijPlVh375Q=
@size 671
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_psexex_paexec_escalate_system.yml
@sha PV0WFQlhua5OB60mOme9I4q1day5K0+JEimtigCF5pw=
@size 1096
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_psexex_paexec_flags.yml
@sha 5i43F3zOKBxYXecfUC+OkzzxXY5RgsyVXTsxbOwTZlI=
@size 1327
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_psloglist.yml
@sha BeJKlIDxzM2T1lO3awxhgM6AqX8CXfSJGs5DxYlzyMg=
@size 1360
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_psr_capture_screenshots.yml
@sha tpHsUlfxB+tgMwcwU7hpbstFggTGFwh+lOPmbrbyg3M=
@size 774
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_radmin.yml
@sha W85WfuxOtKamsFryIXPUg0PVK2hP0UTCFHQlcixeteE=
@size 736
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rar_flags.yml
@sha m+GYb1grO8Gwt4qlDYxw3FLiYH6Y/Say4v+5pK2r+m0=
@size 1097
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rasdial_activity.yml
@sha 4KxctKRgVqC0GM2PzfGb+WYUDNOxEa4Zxgb10IUNozs=
@size 609
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_razorinstaller_explorer.yml
@sha l8I45g31r1rqVCt01G+rWuVzznvLSLlJef89Uv9J9kw=
@size 1018
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rclone_execution.yml
@sha Xt4rEuAzqtbQ92svE9yqaKYAAZ7iyHlqSPVRRyDIWkk=
@size 2139
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_recon.yml
@sha 3UTUGFvwxIEw4X26eSk4Bry8fkVxxqeLDoUZCF0Dfbg=
@size 825
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_recon_activity.yml
@sha mzSY2SR4em0CLhAwoqEASmcGQGALR0gzktXXwUWe0L0=
@size 1055
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_recon_net_activity.yml
@sha ny7FVgYC4AqxfrhU4JLqRO66fT4SX2XKa6QV3/0a7eQ=
@size 724
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_redir_local_admin_share.yml
@sha TXmFTqg4ruH+A07s7GPUMWLan0qCaFggyt3A2zGBIws=
@size 697
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_reg_bitlocker.yml
@sha 8mc15WRANwYTJOkr6MnPGFJ+oQ4ln8/itA+jPFo4pOc=
@size 936
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_reg_disable_sec_services.yml
@sha zPtZNNAT7NfFJnRZd/UP0KoJTbhDgXX85wRKnq3fpMM=
@size 2442
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_reg_open_command.yml
@sha zVdxo/OomjTYh5KFE/7ljYQCD9o5R/x1b38Tf9bLPUg=
@size 1084
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regedit_trustedinstaller.yml
@sha mw5+0ht1hTV/hyyXWNZBqp5DKENSeioyIDAHPQjlOlc=
@size 664
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_register_cimprovider.yml
@sha JoUwcABMmlpPU0AOfFUtwP8WinhN3zY9FBm6N180/zE=
@size 923
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_registration_via_cscript.yml
@sha +Ehc/19GepaP1uZ9BBjjichR19LJuK6b8FfcDa15xDQ=
@size 924
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_anomalies.yml
@sha GaSx19xZ1NKqjxGTBWyfMUXlxRMYCqgFZSTNJYmNQeM=
@size 2249
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_explorer.yml
@sha K9JKj2VOL1A+OUOd/q9Q8wyCFKCaaUknTMKtv1TjAXY=
@size 637
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_flags_anomaly.yml
@sha OwifephmvH4/5Lc1DFzZF2pThhd3l2obxmDcYa6GZAM=
@size 710
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_http_pattern.yml
@sha Hy6Cl2m1t39SddgpG2Fz19Z7J+4o7r1w4LoPblTh98s=
@size 1117
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_image.yml
@sha lM0kXA+Y8rw6Jv8jqTGRISd+TV9RZRJCmRFF99UA8E0=
@size 729
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_regsvr32_no_dll.yml
@sha t3r98TiJ0/wuVUqsXx1F5fQTPnG4TzHMYB2ResnEozA=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_renamed_dctask64.yml
@sha l024GWDm8n65WKT7BRIPSpU76LuyTVLqvvVUSKSdvXI=
@size 917
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_renamed_debugview.yml
@sha mhGkd+2WInoKutzw+iT2TCsEFwdF+k6FHDR4qMKtyjA=
@size 663
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_renamed_paexec.yml
@sha 3VmDcM3FKNGOgcbZjeP6umaz2qk177Yk7+00YP9ym/s=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rpcping.yml
@sha 3zByfU16WxdpBT5dZRJYVOjRXjiEZLiIXXTWzAJabos=
@size 1237
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_run_folder.yml
@sha 3RMpLuN3WSeMu5BywbLZ16Ffq/yamkDX9EEXOG5k3/I=
@size 1216
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_run_locations.yml
@sha MO5bQdjTSPT5a3Tlf5sJmEq8PTW5u2fIlZx6JUZ3a0w=
@size 975
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_activity.yml
@sha fTsAFAQc99FV285x7GE4DjBtomG2alG4l/Ori1reT10=
@size 2344
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_by_ordinal.yml
@sha 4rXykcgRNyZYTIviRZu1nmDaCb+w2pHQS96v2JGDp4w=
@size 1221
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_inline_vbs.yml
@sha I6rWQM246AyiAt/BZ8S8JEyxITxp82BgDiycVdixz/s=
@size 765
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_js_runhtmlapplication.yml
@sha tbtOHZBut4kZNnFLD7DRNggjCxL5ler0nhKYiZveEqY=
@size 775
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_keymgr.yml
@sha 3mtVcaDNXt8YfURFe6EUDgwZVWvjM9pU2f16BbHKKZE=
@size 654
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_no_params.yml
@sha yLdjaKgfo/QrQAzjHhXrLRa761dg9B9rguYDTpzMEdc=
@size 848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_script_run.yml
@sha QMw0l/wel+VJyJwe8KOo8HiQdMR2b18aWV0OBC1aoIU=
@size 871
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_setupapi_installhinfsection.yml
@sha 3OsncihohsoviRoXFfTja/B6auSCeaDAHI3nowXXWnM=
@size 1581
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_spawn_explorer.yml
@sha E6dj1XjmkgUoP8Zb4iCuzU6z3RCIvdR/dll49cig0l4=
@size 768
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_sys.yml
@sha yz7jbD6Jh3IkXg3Nh/X22vq3KeeejxyiJc7Po9YCCew=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_rundll32_user32_dll.yml
@sha 35zLm9lSH4zesh7S1W9NpHNgVaYHFOulhuUb4WLwYsk=
@size 866
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_runonce_execution.yml
@sha Z5lNiyV9NE0jJll06k0pN9UJv72vUwf/gh3OvWcUlrk=
@size 848
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_runscripthelper.yml
@sha i0SEHXBIelFihJrEaA5lI8Da6LYhEF2yvGkNKJ6T0Fg=
@size 711
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_sc_query.yml
@sha oNpqFz3aKb+hFgFByN/uA+YdguAydzUKCCOtjXCip+M=
@size 586
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtask_creation.yml
@sha NRjzHq0m/9xTRv50oY28CanaL78R7ojD85iZzZcBIQw=
@size 833
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtask_creation_temp_folder.yml
@sha wxapaf6oN/T6t24vy9lJEfSB9/RYkl8fF6KqjM42MBU=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_disable.yml
@sha SDwKWNT4GAgcbYjMTyEPkqGm7fi1hk0rvVfVlTQXcVQ=
@size 933
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_env_folder.yml
@sha WskR+FUtg/7C5QhBGLOixZjPOG1vY16ePDM1S0IEkbg=
@size 1681
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_folder_combos.yml
@sha Nw4RHOo3dCs9HdP/QacTTxJ8Ke7RUUBJeCVXICVXvSw=
@size 921
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_parent.yml
@sha gRXMi9SZ1MwLaSA2FdQPMdRR2FCgGwHmAj+0bcpWA2Q=
@size 969
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_pattern.yml
@sha uKuVk75GYvVwN41igk+DZfe9QEaFEnL7XoRRNRW0tKk=
@size 1594
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_schtasks_user_temp.yml
@sha MMgBeNcVIMYXptfxy4sXkgDGcgCyZ1jcHJFKstcollA=
@size 895
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_screenconnect_access.yml
@sha 1cCp7oJnXkuSTxPGN6njAsJXK1tiIHfrU+KpaKun89A=
@size 821
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_screensaver_reg.yml
@sha GdtHqHxT83vGbbIcqfaCMlXVBHZ7Pdiw9lZcYnrb+jM=
@size 1818
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_script_exec_from_env_folder.yml
@sha weDgp8yxWwCMx6r6t6xbwJ3rBesPsvUi3SuhHK85CZ0=
@size 1386
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_script_exec_from_temp.yml
@sha b3d5O/WWcOy9xvyFi3nSrAJ862/lHlki6BUJOVfN1Ks=
@size 1272
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_script_execution.yml
@sha kxul4sZhfsZLkOtFix3d59S/amqJMOnqqiR5/KtqFyI=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_service_dacl_modification.yml
@sha gTPUm5UCuVi/UICZYKM4/XfY0IARjJ/4TfBvan4LcO8=
@size 854
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_service_dir.yml
@sha QpcAcDX0UhEb9nkKw7G2KSvQ5SeVst1+nNE0IXltdJQ=
@size 990
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_service_modification.yml
@sha DUxedcnkbwPvIiNsUeuCGgiy3TS9zNuM26rcOnPcVgs=
@size 1028
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_service_path_modification.yml
@sha w68NdqYhE94K3o9Zz4zOncEOPnudVOHGJnlZBF+8SYw=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_servu_exploitation_cve_2021_35211.yml
@sha wJi60Az7i6jDBX5OB+Nwes/DNNCEM0hGTt4ejKsU7TU=
@size 957
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_servu_process_pattern.yml
@sha lUeNfGnYkGczkrT/ruSWgu0ZLaojYhWrRY5RWv9/iCs=
@size 1266
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_sharpview.yml
@sha bl2sCQY9ZZCSF23Gr6FXN2chasspbvqdPLq4Z6rrNZY=
@size 5111
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shell_spawn_by_java.yml
@sha ZgMoRNL2dbi856+JlHzwGg6IwVx6CSN/sy7MujG1FLM=
@size 1310
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shell_spawn_by_java_keytool.yml
@sha RhqlMdfbgH0316dYy+b6dJV85eQO+0HF2j6+vNukazs=
@size 1377
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shell_spawn_from_mssql.yml
@sha GF7IL1PXWh5lF6x5ZTlGQfG4R9mcrY9UFsLzIBz7AH8=
@size 1048
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shell_spawn_from_winrm.yml
@sha KTG7KbC7L0Qo6HnACGkV1JdnzILnx/UxBbV+tJKPGik=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shimcache_flush.yml
@sha qjX/jplu9urVNlDG1iOtG8ig9m1CtQ8RyadKI2yz72Y=
@size 1014
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_shutdown.yml
@sha xRDRER2BKVyVMtgKnmPZv16FtpVf0BzlQ1fYZLNx3zA=
@size 708
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_splwow64.yml
@sha 3og35mgRBny8jl58vmN5YrW4V2vr13V4p5x2adYGRA4=
@size 629
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_spoolsv_child_processes.yml
@sha K4MeBnqzLGUBNoAcDTDAykry8K0sHUTj2T84laIW3Fo=
@size 2468
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_squirrel_lolbin.yml
@sha fnDIdfMEJeX/KssWohoDfVHLvtjEkXGso6swcEnYvrE=
@size 1727
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_svchost.yml
@sha GypR3PeGP1FcjfHVd/I8oVdvQxeMQagITRWo+8rIXdk=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_svchost_no_cli.yml
@sha CxGJ3BfzZMq0orS36hvUQ3sapfAqxYyRheeUdbZNPpM=
@size 1173
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_sysprep_appdata.yml
@sha DPMWrUll02juNJoRHIe1tx4EAMO5r+rRl9Hex+e/KZQ=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_system_user_anomaly.yml
@sha mjvALnLFdbuMB1vMElWvs/KDVxLSokI+b0Z3BFoEb88=
@size 3086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_systeminfo.yml
@sha gjETP+EzQWvYDhqKBPRMkATtwxEj5CrElW87d8l7fOs=
@size 673
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_sysvol_access.yml
@sha ospANeLI1mN/ZPEQv6Gy0XFgDnwb7lhyqaQi14skpZk=
@size 733
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_takeown.yml
@sha i1XVMGHdsWMkcmYulxXQWAoFtzqxq2bgkYn71Ek/oh0=
@size 977
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_target_location_shell32.yml
@sha m4vb6iYX8HfP8RclIQhOUFrkR3lfZqxhflbarqDCYmE=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_taskkill.yml
@sha BtDYMTtFjqaEqn/lCiYgMUdIEeHryeo/3gVPfcoNhRM=
@size 890
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_tasklist_command.yml
@sha l9ySG4PQXJzPxmKK+QLheHQmWbRYIbUCfSMvLrAIg9g=
@size 830
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_taskmgr_localsystem.yml
@sha s/pklcOpfUxnIqFUPrOCkwjhNE7SSTX/4Mxkw36XGD4=
@size 587
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_taskmgr_parent.yml
@sha TmP90/JrwRgK+OnJZ5AuzNExwQsIHdCUcH0kkca7nIo=
@size 628
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_tracker_execution.yml
@sha zw89cw3jwZfQ8kj2P1D9mAeVuJr+6vxUu/n8EOW44QA=
@size 835
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_trolleyexpress_procdump.yml
@sha oAwVb5xEGPlHK8KJhev7Bla3KWUUSncgl2OeKRczem0=
@size 1334
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_tscon_localsystem.yml
@sha FEWynLepHU+gNaJjTTXzUfjLmyHCYnAYLphth0KQEMw=
@size 911
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_tscon_rdp_redirect.yml
@sha 0X8dgy4uirFbAO1Osax7ta/Oimj/F410oZ5v1qvaJZc=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_uac_bypass_trustedpath.yml
@sha /kw03hrFG44C9JNq94QNKj7Vc3ZUHzvX7Bl5KFDZZyQ=
@size 710
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_use_of_csharp_console.yml
@sha 5/qpQOpenOgQmMXmh9WgjrqRL/ljXm0WEsbKfH0jrj8=
@size 744
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_use_of_sqlps_bin.yml
@sha R64mX+bOKf9/ysaGzZOwaEJs5WtORp+6JgzbHZyMEOs=
@size 1293
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_use_of_sqltoolsps_bin.yml
@sha 0kvTF1vmaZcu0keGRDjTeEKQruLIKVLUSJiX/hlSUGE=
@size 1285
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_use_of_te_bin.yml
@sha XtyLGtgffQKnIPCBp9PFR+MdTzlG6HmKaq0hygjKZWU=
@size 1143
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_use_of_vsjitdebugger_bin.yml
@sha vuK4OhVWnoxfLh5AP+KD42fca8NB96rWNz8gMj8F/cc=
@size 1285
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_userinit_child.yml
@sha sg5oWG13e9uqeCgezdGhGUzDaWvBuy02iB1K2Xtqkkw=
@size 837
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_vaultcmd.yml
@sha x2vfwaRfFbMa7dovjQlkfkooaT9z6G/Fp2OCFLvAnQQ=
@size 832
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_vboxdrvinst.yml
@sha T0/SB+gecd1WOwK02q8couF7KfZNJ1b05EtsXlyzi7o=
@size 1083
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_vbscript_unc2452.yml
@sha NzOUhQWM7fdWcMiG058mh1/qfYtwVT4Pfl/q8FCrFa8=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_volsnap_disable.yml
@sha pRhT59OTyJ/5QrBSpwW6W56tc5rw9tXw8d0tq5QzqKI=
@size 650
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_web_request_cmd.yml
@sha nh4wVhJzaXs6unMcGQQNmEdsJelILxPfhpJV8iXStKA=
@size 1005
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_webdav_client_execution.yml
@sha J/Sopoi2fvIe/QI/87AgDl1NkmVjMN8p78f1vcWPVqE=
@size 1011
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_where_execution.yml
@sha X0fGFVXIQJ8Jxd4yijA0AUpQliOUrb8XTqM8kbj5Ihg=
@size 1314
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_whoami.yml
@sha qGgow861oPUI5oj7OseDNW0DGnQ5gSN/GX5YzX40FV8=
@size 872
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_whoami_anomaly.yml
@sha tFPl38Z7m4UloL4Gg+kB6arvc34F+wPwkCzlNhUprRQ=
@size 1367
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_whoami_as_param.yml
@sha hYcDH/ODxoPHV7tz8N6U3Fp3op85KZGUkBi5BJYIplY=
@size 600
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_winrar_dmp.yml
@sha 0YzBLyblDSurxXAANXAGiKYk6DW8ZsJ63K54GsNZsJ0=
@size 907
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_winrar_execution.yml
@sha 98estoQPH1w9UutPCt5fWywuCUmqYwnv0heip2v78gY=
@size 884
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_winrm_awl_bypass.yml
@sha 5N3/GikFpa4htspqc4v8uiwB7ba9zkKgsr35Fm5Uvt0=
@size 1130
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_winrm_execution.yml
@sha GMGgteXAbOk1fDRNWfoVIvP+WkeU8wKdx1QX4tbulUk=
@size 846
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_winzip.yml
@sha xRUtoKdumhnppd8H+qx6xriek3IRr2abNq1LcqeCNXw=
@size 886
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wmi_execution.yml
@sha oFk1bmw7Y/ZAuAhBnohZGQ+YVD22Uut00YZrw/CHYoo=
@size 1307
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wmic_eventconsumer_create.yml
@sha CeDOYEgnI5k/wvdUlscuGvSx9ezycj8h61bl7yeOoBA=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wmic_proc_create_rundll32.yml
@sha xCoiYUlTxvmqXEjiwvhayuqb0Ipg8dSRmQEYXgEIhII=
@size 586
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wmic_security_product_uninstall.yml
@sha hUW20qcSiOMFeFDxGpuatoKznK2oZLNc/fhktQiTBGI=
@size 1749
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_workfolders.yml
@sha MIU5ebDryoOR+5rAmyrf0xTPxQjBNe3DAF8P3ct5tNk=
@size 822
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wuauclt.yml
@sha /rEv6OP4sZtmzjzkOyQKRAS9EFn+39PYfvOeiLwbQjg=
@size 898
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_wuauclt_cmdline.yml
@sha dmIkbM45e2AOkkGLVsd6ZeOuPGmpvEaDRqCOvOQvpaE=
@size 701
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_zip_compress.yml
@sha 8ynWS5ZuP+Bl/MVxw+xw7QfnP4oufUF5N521PEb1IIk=
@size 847
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_susp_zipexec.yml
@sha uu8zphXpXw7qPD6XKonJEMD3SXaglCdlNb9iGeHObho=
@size 939
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sysinternals_eula_accepted.yml
@sha iU/5NdaKVdEvd0fStjsZVe4rg0G2aerzGmg7VOYJZDM=
@size 751
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sysinternals_psservice.yml
@sha ODeljt9N+1H+DgtunCC90JSIgvbG7ne8oQSCnjN8OlU=
@size 727
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sysmon_driver_unload.yml
@sha AgGz2wm4OiQmwxytTvFNL7M5cnGs7BTAmyncHQSTuDo=
@size 723
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_sysmon_uac_bypass_eventvwr.yml
@sha HmQcN8bq/bFlZPyt8l7BC9MoEU43Mkda8K6AJ6yNuhg=
@size 986
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_system_exe_anomaly.yml
@sha rewSXEIo6c7ojeK5x2Tq+JkEecpkOYQ3tQ6GT0Zn1Dw=
@size 2349
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tap_installer_execution.yml
@sha L+d4QA3zVvaf7LH04PW/Yj+MZmW576Ge4L8EaMX27TQ=
@size 561
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_task_folder_evasion.yml
@sha zUIBuyayDVLjLTkfCGF6bRKX58LFBATAd9UliFoGnZw=
@size 1155
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_termserv_proc_spawn.yml
@sha QEVY4caAMDpZerw/b1wToV9VVrITbT8bbfQwE77sDpg=
@size 948
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tool_nircmd.yml
@sha pc13sfAlQNIv6Zc6WMr/dHUiUwBwlam87CGoLk+xWsw=
@size 1274
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tool_nircmd_as_system.yml
@sha ZI1XMNrzL1k7v/0C2V522br/y/aBLKRnPdojenMnTaE=
@size 819
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tool_nsudo_execution.yml
@sha igyGZ7n9UJHEyS8JoWNnQl2tZoyvUpNsQW5Ad01kAT0=
@size 1439
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tool_psexec.yml
@sha nPnJ57ZxA6GtJHyo6mDLMjY6bpTs3RdxMNQS58O2e40=
@size 958
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tool_runx_as_system.yml
@sha o4a5Q2sMQOdHKGFHeHq2K0vwTioxryAWPAu23yHYGhA=
@size 754
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tools_relay_attacks.yml
@sha DflVQ5xq1TJGK/BR2b5not1ujc7zObKJgseCyGT6F5o=
@size 1857
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_tor_browser.yml
@sha 0olH2PFSDFFxkviDe/+abTrAUFulRV3XF3ClVo6CGsg=
@size 621
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_trust_discovery.yml
@sha bwdRWVVID8rY/xoRRJ6oqi1aK0rGgvpUW9ZIKoPsjVA=
@size 1630
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_changepk_slui.yml
@sha 2saZPVgGKaFtP5E8WS4hHnGNxSfalKzCeM9UriYuXDE=
@size 862
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_cleanmgr.yml
@sha jcH8hJCObSElGrih9t/MJuAWVEdRxChnJBUv5AsNZPY=
@size 785
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_cmstp.yml
@sha 5+p8zje7ukme0W/xiUl0nbePrpdAe+58ZwwNZ+rfyrE=
@size 1125
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_computerdefaults.yml
@sha RalC7E23Db1TYyi7CnrBkDSoQsBaQnCubhOfr219fZ0=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_consent_comctl32.yml
@sha ys8tgXrF1Fc5VT57X5WF09kdBJ6/XRotf/iM1CBJC68=
@size 702
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_dismhost.yml
@sha YWzKJ0YCJsXHHJyYipNweSWIrM4CNqdxEnrtfU6cH04=
@size 716
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_fodhelper.yml
@sha kzxNF6DPNqBi43X0zc9blddpLiMkctyTm2SOtKN7lkU=
@size 903
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_idiagnostic_profile.yml
@sha qix6MgLFwfb2gAcWwzfd7vktA7PxeogcPebE2P1JBDQ=
@size 763
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_ieinstal.yml
@sha aRz4Bt/FRr/AsbF1teHKxO6QDI+VZsj9IFGHtB3OjQ0=
@size 720
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_msconfig_gui.yml
@sha n5sd+bqMasnmQ5emTgUAyMIjdtQBcitD38zA90/u4V0=
@size 739
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_ntfs_reparse_point.yml
@sha KoJLNlVpNpDjCIfhPMi/GmudQqEUKqzujKWh3tsv9hc=
@size 1187
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_pkgmgr_dism.yml
@sha YJgKVUCOdHHkvHJyHqF7vx3KFtLdzP+BpMGWms6QiKA=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_winsat.yml
@sha n0Hv8pERT+5pjh5mbxx5fNjPtiIRc/lk//yf25v7ov8=
@size 766
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_wmp.yml
@sha WpZVdyjovEYWCzG4NXdHa2plBam3ipHy6HI+oSFK5l4=
@size 916
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_wsreset.yml
@sha 6A+ByTpSpQj4zVvQMP9IdXH+71sO1gHBuKVDSuCWQSE=
@size 810
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uac_bypass_wsreset_integrity_level.yml
@sha MeV0D/DgyxL5OcaPkffUExAdUDGMxONlC2ZCXvqKl9s=
@size 782
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uninstall_crowdstrike_falcon.yml
@sha bW5fRvBGD6gM+DqsDu7YK5LGR3rOlC/rIi5LTexSyvU=
@size 813
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_uninstall_sysmon.yml
@sha tRCabHatdB6yVCVeGoiw86J5GW1pjQeQnnnGQSfNke8=
@size 759
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_using_sc_to_change_sevice_image_path_by_non_admin.yml
@sha VWII3aqIJ65N/zns+/XpCu/DexNZrTrE2guZofuCNWg=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_using_sc_to_hide_sevices.yml
@sha 572Z0iq/lQEYHOXgMtx3SsC+OpVeSmYev0AUTQ71ljM=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_using_settingsynchost_as_lolbin.yml
@sha G9xPQASAxblzejsU65vg+xsy98BbCtuZRdHf1Uf/FEg=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_verclsid_runs_com.yml
@sha tx+DTwTY7Rq8UvV7dzXnXpmkGFKLBN0Mf4TSooD1rC0=
@size 893
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_vmtoolsd_susp_child_process.yml
@sha l7gWWrbdUgjcoyHAlouEs6d+XQIviqD2D77KeJZycAg=
@size 1482
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_vul_java_remote_debugging.yml
@sha i5HB9/KzVj+Ij2ZZ6bObl3MKHLpt0vJzli3g/QWvisY=
@size 688
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_webshell_detection.yml
@sha U8tZcSGNVy+ETeBS+JDwm4B9TrTl8/946FTY4zXPx2E=
@size 2996
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_webshell_hacking.yml
@sha UAk96+pfOsg4O6SjFr0Mpy35ksJG8uKY5C5EGLpetPk=
@size 2960
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_webshell_recon_detection.yml
@sha cudA6ZCOPy6h80SMHVVVpMaeIbkzneHhw1cuKeUCx90=
@size 1475
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_webshell_spawn.yml
@sha RUoxeuJqDRbUn1axtMSAR2wObBkXezylYRXB+WzeYZ4=
@size 1669
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_whoami_as_priv_user.yml
@sha tgXBRk3VwXgmsFk25wpKH5RxPy3oLwjTKOnPznVC9Cw=
@size 805
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_whoami_as_system.yml
@sha G0aK+GlYRUMrsKI48TTHP3xgdStePrz3jyZxnhQ/otA=
@size 922
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_whoami_priv.yml
@sha 0yRdQ4xELmAYi0CLP4TRDtE0mebuCEvFbujlAGqCe38=
@size 896
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_win10_sched_task_0day.yml
@sha wXkG+w7asaFCFhAcAsunkQAG2h4vwAMSDPtx2xngAcg=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_win_exchange_transportagent.yml
@sha kOhgS2cAy/fDmCBk2f5ZPs55P8+JmOYvWsLY1zAzbY8=
@size 706
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_winword_dll_load.yml
@sha tYf6SJlUI2H3EpCVWKSotieD+IUZ+IYpv6BhvcZu7Fs=
@size 660
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmi_backdoor_exchange_transport_agent.yml
@sha DJhkA1FEb9ESmzK1ltl/naVvbB4eacIvRTPVXLApXVA=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmi_persistence_script_event_consumer.yml
@sha +OYbtBmc2p3sGs9BWITYIz+yNpKCsv8fb09T0RgxzOk=
@size 623
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmi_spwns_powershell.yml
@sha 9LBHNSPhVgASsXcDja1qFKM3T8V+PpRGfFoups2roiw=
@size 1078
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_hotfix_enum.yml
@sha 2i2QI/snBwYkLgxrgSvG91ngFErLU9tXWabZA8ov+2E=
@size 908
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_reconnaissance.yml
@sha NRLM+inaGjMlJ4Wj6gJc5Nl8lUv5+HJj5vJDKqYF9M8=
@size 1064
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_remote_command.yml
@sha WfpHg3sCza7Azt0ZgZMQKU0DnJn/4yPrkAlB4cXg588=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_remote_service.yml
@sha o9IKMbcUdAiO/9FUh59xnKkyMf8QCiAzZNuWUVJtdl4=
@size 1210
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_remove_application.yml
@sha waD1VPxtbX58zwWTSHmExrP999GVerI1Qm9reSDGJDY=
@size 677
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_service.yml
@sha 6dPIHH2cBoUvupMa2YDPDMUBgXTGa8RAZowPKph26xM=
@size 796
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmic_unquoted_service_search.yml
@sha Eo/ZdVEcCbeC0OElM2gFpVcJpA9NWC2IMwKeYwVQbkE=
@size 1004
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wmiprvse_spawning_process.yml
@sha EEXaFdFx+Df1rgPlNdrcXa+n2tYZURpmoIT+ItbJdqM=
@size 1027
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_workflow_compiler.yml
@sha msiGZIAVtES5ILhbY3r9ogoXhCbuIHt37uOBzz0qIlM=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_write_protect_for_storage_disabled.yml
@sha 8bNiz6nOP5z4JOnLQZt0+pFtGFQu6nRaEJHOMm9VA1w=
@size 837
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_wsreset_uac_bypass.yml
@sha 3izwCtHiQ2eS0+FIYpdRZwFbD308jAe4bfOORaCm1Ss=
@size 773
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_xordump.yml
@sha JXmBLcDGoxuX7LcAkzOl/nO3lTDV6mkdL435LEvFGgo=
@size 737
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/process_creation/proc_creation_win_xsl_script_processing.yml
@sha A+x6RYCd5H5jPoSF3cnVdBX+VzZR7UhFVCUE8syX35M=
@size 1380
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/raw_access_thread/
opensearch/opensearch-security-analytics/rules/windows/raw_access_thread/sysmon_raw_disk_access_using_illegitimate_tools.yml
@sha fyrduesvYHj38n3iN/C+uXNRKabB4DJB+BA2/tPx5RQ=
@size 2147
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_logon_scripts_userinitmprlogonscript_reg.yml
@sha FB7Tbaf0mMoZJFyzBVShMSBZG7JmPnNPNveicE8MrWo=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_mal_netwire.yml
@sha EqESMtenVrQtULUE5rhlxWE0Uao5ZwUITplbB5alJj8=
@size 1477
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_mal_ursnif.yml
@sha FOcn68AJaRAKhAA7CwnVcu9skuQNIAC7LsmPKGwm5ko=
@size 1071
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_persistence_key_linking.yml
@sha H5+ZERCSD+EfGN1SgJNAWU1iAjzEjdd+nj0wmhSrMEo=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_sysinternals_eula_accepted.yml
@sha e1iA1cpEaYnVu0a8Ke9SCzA9dm4v3ebi2cHXAktZ4xQ=
@size 691
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_add/registry_add_sysinternals_sdelete_registry_keys.yml
@sha D4lgpU4xKTHhla9Tf8b6Irq4wEqnHWOz9ujD8FivY74=
@size 882
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_delete/
opensearch/opensearch-security-analytics/rules/windows/registry/registry_delete/registry_delete_mstsc_history_cleared.yml
@sha XYFl5QMHVUxcPiVD+QJKMcMkLXmvOHitntK1BA7BNpE=
@size 943
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_delete/registry_delete_removal_amsi_registry_key.yml
@sha ccwYux3TV57ojWDvbh8rxX5mlp8dFL9fjMFnPtdNH9M=
@size 878
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_delete/registry_delete_removal_com_hijacking_registry_key.yml
@sha 2nJewCI5inoByMezGGhMepSQ9ZgPZQRKJOrijl0y9rA=
@size 1610
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_delete/registry_delete_removal_sd_value_scheduled_task_hide.yml
@sha HcKcqdEHojmyypfxniqZGzwaUTo7ZwXJnI6zbjcupZI=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_add_local_hidden_user.yml
@sha Xe48e1HzadTakDU/Khh9X59cDbfwQ0Loaha5yz2G5IQ=
@size 690
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_apt_chafer_mar18.yml
@sha yaT3nzNVH47zWR1IYpZi0CcnrNcN8MBDsUEp7wMEzog=
@size 1019
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_apt_leviathan.yml
@sha T33eV8tZkWxKFuULxDeeiLtu7WEItfaDSgwKTFWNLDc=
@size 614
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_apt_oceanlotus_registry.yml
@sha vBB1mk1z86D/dKMKc2QWgnfGy9vMZT5YVXuXsXDCXhI=
@size 1736
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_apt_pandemic.yml
@sha TpkCQIc4WbK7IvWextC5vlM4aKuDqg2DmXiVXQgp0EY=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_bypass_via_wsreset.yml
@sha cs6mnms/S+iWGzx16cCAu4i/KKp/H7sGkSrLSVaFkFU=
@size 904
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_cmstp_execution_by_registry.yml
@sha PcB5s7XSiMklFmDiTnjsvU5rKviv3yGSDLf/8NJOUQE=
@size 857
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_crashdump_disabled.yml
@sha jWsoLwVzX8ZZMQhoXasyApjI2dlAmfGgS5q+g9LdNf0=
@size 679
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_cve_2021_31979_cve_2021_33771_exploits.yml
@sha kFAJKG0jnyuiS611tP7F46zLIGPGDAghq8vlVZoBz+w=
@size 1253
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_disable_security_events_logging_adding_reg_key_minint.yml
@sha rT9SLsVRE2IZy9u7l8qPT0qAE3qWbK0JvqMSdqw+zjM=
@size 969
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_disable_wdigest_credential_guard.yml
@sha HX8LRYop8Spr+HvQjiHl6Vws4QgKOv8xGoJHlUsCiMA=
@size 815
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_dns_serverlevelplugindll.yml
@sha MDs5TnbyXSqYGA3hbsoCVr4txihdgaCMAPZxpV+KjY0=
@size 880
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_esentutl_volume_shadow_copy_service_keys.yml
@sha Tb5uVxISfKh678DaqCu8fY12w9jKmpxFiblAtYrrXss=
@size 1048
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_hack_wce_reg.yml
@sha z2fQvWXpWNxGehw60Yz/gAO9inwBEyvGdism5OIk0xs=
@size 577
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_hybridconnectionmgr_svc_installation.yml
@sha 3jwRROQhHQGGoiO+Utb5Y3tnjRJd9D4KDzWvWlas7Sg=
@size 849
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_mal_azorult.yml
@sha UtMRE0FY1oqNun9xiQPKL1XdGb1uCePHnGPTVJu/S3g=
@size 718
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_mal_flowcloud.yml
@sha obpwiU0kRZDcqlzsijM4M+rvFPMfrWNtTiQ3lS9KRRU=
@size 823
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_mimikatz_printernightmare.yml
@sha gzM/HFb/lefelnwlhWdh46pp2haFWXt2wXyVlLgglFo=
@size 1513
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_modify_screensaver_binary_path.yml
@sha kVTHiMMB22UULA/3MnhHPd04PGQZ9rEcllklwq+KztY=
@size 941
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_narrator_feedback_persistance.yml
@sha 5dBWSYX/x+n9e1VL7MHrpztOZi9pfPDeUfQzl8ZcoGg=
@size 816
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_net_ntlm_downgrade.yml
@sha 8dWoLnurt8cDD/7W4hAcEo1k/we2y9GrgP46mgSPMiw=
@size 794
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_new_dll_added_to_appcertdlls_registry_key.yml
@sha lMc28qTOB9lun6tHMp55hB2hlbgVmw/awZ/FoeYwyck=
@size 1172
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_new_dll_added_to_appinit_dlls_registry_key.yml
@sha zprhQnCK8aGzJ8Gdnf+fN3T6A14SJo2nXnArexcS0vc=
@size 1299
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_office_test_regadd.yml
@sha CmT3jaim0EISaaXfqcURZf+pEOweSkCXF6o8/Hz5Hv4=
@size 781
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_persistence_recycle_bin.yml
@sha HaYF1S+u1dtWP1Xp8qgjqDBzTZVc+fKhWVrImeJClmY=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_portproxy_registry_key.yml
@sha sc+axmiBDQZ+/i8nGGCrWYLvzZ8VaC2hLKWEy27LfOk=
@size 1123
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_redmimicry_winnti_reg.yml
@sha uZqvAcXOWkrdiiiEzf0MjsbzfNzT5lBPTIyUusmjlJo=
@size 541
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_runkey_winekey.yml
@sha Mi7gLHtPuRGWVB0Z3EBsBmimPAwd5jLrnMMCDxRVcWY=
@size 703
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_runonce_persistence.yml
@sha g/EKxgbYk+twMdrjFmOANRrHXbvp+R2RoLFhVwbqUUU=
@size 1364
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_shell_open_keys_manipulation.yml
@sha gL2ooT/id07ErYFQaHO5+5/68DwV329by4U3OmNg6yg=
@size 1526
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_silentprocessexit_lsass.yml
@sha BB+0n7Amh29JtEoxSur6rPipsMKDegdSx5C1zu3p9Wc=
@size 855
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_ssp_added_lsa_config.yml
@sha EP6N4wUYf31NoxwqmNcc4GK7nMmyIOMaR2QrFm7dawQ=
@size 997
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_stickykey_like_backdoor.yml
@sha eUDVssItCCJaKDPYQJ9MpzNzKgq//L93393uzk1fr2U=
@size 1509
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_susp_atbroker_change.yml
@sha TmbTKtgoqm/We6tO0Kk/XNB1lcruQIfDV1DlEtGB/M0=
@size 978
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_susp_download_run_key.yml
@sha UR/z8zzb+5sif+eVlO3zh0yFrr2z9k2tsrEhVM+/BYY=
@size 828
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_susp_lsass_dll_load.yml
@sha F+IR2fF3mp9hSYQYTBDlpjLQ038rFt32pECd/4tgeRk=
@size 919
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_susp_mic_cam_access.yml
@sha zK/PZ4Q/mZXrf40fX3CbkBaIJ1zk1JWFDmPSZAwTtQg=
@size 1186
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_event/registry_event_trust_record_modification.yml
@sha wbOxQ+kClv61tJAuaLEVB2Ua6tdUvuRc9OCGzu5ezes=
@size 746
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_abusing_windows_telemetry_for_persistence.yml
@sha sxw6f9cUooNbf8P8gXemj7OArEsppZnv1RWdZ7qEiJA=
@size 1368
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_add_load_service_in_safe_mode.yml
@sha jPsQK1reix+dqfTT8DHKDaF8zjr7WAeNgnFj9m/o3ZY=
@size 1416
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_add_port_monitor.yml
@sha XRPG9zL7dGZrbYjM+k8qAAzAWys5WYc0FMEsyx7wlH4=
@size 1212
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_classes.yml
@sha Tc7I/Pa1RPnTzO+2USldSsvvSTQusVssTgYlgG2xVSg=
@size 2359
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_common.yml
@sha Jcm7oUb4rirTxSK5A1ZDUKpQ5PxYF5n0075/tui7ejE=
@size 3906
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentcontrolset.yml
@sha L/O7OVe17SCPTBayYuKPnIUxqjSkbfBIpvTo4ORmzAA=
@size 2130
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentversion.yml
@sha LhRKvRwmyP0lPyO3dG3eQakz0R002XBFt1NVz3/ExAU=
@size 6124
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_currentversion_nt.yml
@sha DtugqsGS0dya7N9DjegbCtG7b1zC5W6O2N9gicGeqeI=
@size 3705
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_internet_explorer.yml
@sha PhmBP6PEoyYiwBDJe/jc0PL3YZtGHXtK3/MhXWnAu9M=
@size 2072
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_office.yml
@sha oAnWJ5m0mxbDvctkjltbChNgbbFT22zpTebIDKWYNCU=
@size 3242
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_session_manager.yml
@sha D2xTi9d92Wj3GFJH+sEc3J1H5BguFhuTE30aJpr6ZyI=
@size 1623
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_system_scripts.yml
@sha 3vXLDXJkduzdpZ2HZVQ0QPRPFf2skf0rb12/vQ4gG/c=
@size 1516
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_winsock2.yml
@sha azj3niEjaGUh7u/55Ny3dxzW0RafNy+ABYc6ZdtvV98=
@size 1666
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node.yml
@sha E3qRXiCG0nk7CaQzA6VXktJ22R5N5ds1RikBx29k1cs=
@size 3902
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node_classes.yml
@sha 7u7V+CTVV92T7Qrycgawvwh03qcobBZKG2fSyVcO8n0=
@size 2108
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_asep_reg_keys_modification_wow6432node_currentversion.yml
@sha ZI4xy/PnPBAYEQUcuM+t05E6w9cfVDPNTkWnK7PJ/qA=
@size 1729
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_blackbyte_ransomware.yml
@sha psZIumBHkQEMYmThPDfLMpfM6wvJLp449Mji1SdKW5M=
@size 1095
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_bypass_uac_using_delegateexecute.yml
@sha eL7OKzq5u6dLixiXdWN/MyAkZctHWfPn+ISdI34aFqo=
@size 913
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_bypass_uac_using_eventviewer.yml
@sha 9yNljUWK6yKSMpcyTG7vRzw02siB8pguMdwLLumGQk8=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_bypass_uac_using_silentcleanup_task.yml
@sha QgXx+TjS7M/Wgda4ifPauc80tc+OH2+577PX3KN5Cy8=
@size 966
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_change_rdp_port.yml
@sha SgPzJU+lbIX0Oh/YzlFEOx2NREBPGjP3YKrs07riOaY=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_change_security_zones.yml
@sha YAQZrVYjf400AsdDAofArpAG7+xmRFKxJo/2RybPOR8=
@size 1031
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_chrome_extension.yml
@sha mL0A9eS5RajESO4Rcn+jF3EPpHDKHrRPxmgnuF1CJRE=
@size 7465
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_cobaltstrike_service_installs.yml
@sha 37dRvnbquUSFYkKh5+r+trnaFQw7L5EQIDIuCyHQQVY=
@size 1440
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_comhijack_sdclt.yml
@sha 8bEetyPHEVsJ6hxbyYoxVK5KfNWmEH9YxuxdRwSpzTw=
@size 678
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_creation_service_susp_folder.yml
@sha Y4DVDJblXRUsW06h9EIinaMJYQ5Nc9fmCwozJ2k5f/o=
@size 1284
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_creation_service_temp_folder.yml
@sha jsJAT4t+TvwOO2Gc9wJy214HTbWXkdRymAN2m8sjplk=
@size 1125
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_creation_service_uncommon_folder.yml
@sha nbMKBUgjSe4Ry1IQd8CJ7ZsRF6SEQpGAGb36dgkx6QM=
@size 1498
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_custom_file_open_handler_powershell_execution.yml
@sha 0ssqFIabIAhknNge0/d9OgmnrzEOiMQ5hE9p2Qn9a/I=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_cve_2020_1048_new_printer_port.yml
@sha 2ZFWHIonBhMHekmYg25FWHYc7Zb5Y85aWv89jqqTYFs=
@size 864
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_cve_2022_30190_msdt_follina.yml
@sha UK3D2jn5rsvESrcAAeVOTRktkbZAfadzJyj6zfv6ZrE=
@size 761
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_defender_disabled.yml
@sha YABIlxmo0MnIWCONYwCrA9mW3jr35uS9hEaDesuREgw=
@size 1483
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_defender_exclusions.yml
@sha xp2PNSFmIpbBGUrGdVMRxYzLdYRYF1pXeYPwz/kgusc=
@size 723
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_defender_realtime_protection_disabled.yml
@sha iWCaMD1vc5R9zSBmfHOgFcZpHANwgoEtvXOpooSkr7c=
@size 1713
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_dhcp_calloutdll.yml
@sha tKhDRxOKxuA2/H9h3PPp9dyXA1mTsGGejVa41ApGOEg=
@size 965
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_administrative_share.yml
@sha M8BK42fytA/UYQZZOPX7k4zmqtSoOm9XaAV5RaKM2y8=
@size 1016
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_defender_firewall.yml
@sha FyqT6AkmIg+Oi7beQumRlsqPu2aRKI/rrISsO32YpZU=
@size 1284
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_fonction_user.yml
@sha XPJi47kEoZB1Jxk4ApmSARayf3mOBAdY+fumqdsEW0k=
@size 1934
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_microsoft_office_security_features.yml
@sha +zeUrT9zwf3RXCWvC3sofVP3hIAVnAL569h/hWJJkpY=
@size 1617
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_system_restore.yml
@sha 3fJW6cLGxc41+GOdhPG6zgVQydPZf60GjTOsBp0MLKA=
@size 939
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_uac_registry.yml
@sha q3zKXG9BHdNT2cVh2BIjdZLeNfxikFH91YBNDMztVw8=
@size 860
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disable_winevt_logging.yml
@sha cbtFjDdYm32vhStTQoMD//lu6VMkGcYY3dGr3qOWaTM=
@size 1098
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disabled_exploit_guard_net_protection_on_ms_defender.yml
@sha FZWqiqQ46+ehph7IZFhHYfJGDhObNuf7B2C4/pvABaw=
@size 847
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disabled_microsoft_defender_eventlog.yml
@sha CkeaejZRFSWD22xvSH78KycvjfThWgle8RTlI3Xr7yc=
@size 845
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disabled_pua_protection_on_microsoft_defender.yml
@sha v04AX9RGC49j0qo096Tna4Knt6e7L3dKV0eXTxk7dCM=
@size 736
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_disabled_tamper_protection_on_microsoft_defender.yml
@sha 4rIVln6Pw6k8NTc7QHdPTfr2ovMHo8JXrWLR5HoprTE=
@size 1095
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_dns_over_https_enabled.yml
@sha YL7vYoF2zcVEaWZOiXzN/KYVKHRk474WrXSkIiEAyhU=
@size 1507
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_enabling_cor_profiler_env_variables.yml
@sha koM/Py8fd3xsRKkcq9YBazKClB7M9m3fyV1MF/8GYn8=
@size 914
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_enabling_turnoffcheck.yml
@sha Ud1J/K1NWUiV5oh0sIsFXgMcGy3tyJcrWD/tAgyIyJ8=
@size 808
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_etw_disabled.yml
@sha IPC/YX9SJHOY8TD+omBWfGCc++YMrU+AK1nbxuF7Axw=
@size 1607
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_file_association_exefile.yml
@sha 2WXgj0KJsrrPEv/JrDPqA8NyOZcGmxVmKFvPtn9JowA=
@size 653
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_globalflags_persistence.yml
@sha n3PuHhvZs5Y0i8CqupsqqldAUOb6U79AovRv5pdkOhA=
@size 1063
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_hidden_extention.yml
@sha ocIhCgc/k+rNjLABeSxlydQ64A++D2IEj+d9ja78F4s=
@size 1174
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_hide_file.yml
@sha UFwSSbkRYVWwQuQnTonQi7iNVnB8zumDrb6pji+wjo4=
@size 955
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_hide_fonction_user.yml
@sha icl2jnrEItwjuAoKGw3iQ3Ig0MnhAjMashrpbkQh1T4=
@size 1496
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_ie_persistence.yml
@sha Y5WYEnb4zRULC0SXNgVSAflDvcQv3al6ZxUzUL5OblY=
@size 1167
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_install_root_or_ca_certificat.yml
@sha nCly/yWWRas2N4tGs31kGwKurSDRowriSUGupGCWzZE=
@size 1585
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_lolbin_onedrivestandaloneupdater.yml
@sha QR3HxibsEzO3zZZXXUdc64eQXCpR/5L4/f7nCqO61Zc=
@size 888
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_mal_adwind.yml
@sha 0dx68kgw26MJjiEn6CE3UCQo+dmclHcGVeXa5+pxHg0=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_mal_blue_mockingbird.yml
@sha fpEYMhmNOQTHlpW1pJ92rCwZg4abuL8FxBv/b8KQKUE=
@size 709
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_new_application_appcompat.yml
@sha XXaWv6GSbQKd81mYqk9I5ApuxwcjbI3aKq5WKC+TiDI=
@size 988
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_office_enable_dde.yml
@sha 53XcrlsXVZgA6bNmZimZkqBBAfauvE8n19Ddm/bTEaE=
@size 958
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_office_security.yml
@sha +A6Ww0vRjEZtOGfJoLn3ncj97Y9nwuuriXwMopRcf1k=
@size 1041
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_office_vsto_persistence.yml
@sha i5e9MQoK2XAXCTQ6ICCBxO7hZnOo/nwL221VcKj73eY=
@size 1469
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_outlook_c2_registry_key.yml
@sha JSQDlb/sUhSUaI2u5LMNesvNqH8dT/n63IsnuWDnrD0=
@size 903
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_outlook_registry_todaypage.yml
@sha cGDsZwNHzjXOfT6T1oEVVX71Ln1IhGTwmhOavelVneM=
@size 1152
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_outlook_registry_webview.yml
@sha o4jAWqJqwF0tV6kScNsaDDiqVhxApavsyluMF71UXAQ=
@size 987
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_outlook_security.yml
@sha YjNkxFQALUoFbBlKzeHi6EFh5f95Ovi1NdyYcwdXAFI=
@size 788
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_persistence_search_order.yml
@sha s16aHP+jsXCrbNtHYl2TOhw11t4+Ay1fayU5xCZif0M=
@size 2887
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_powershell_as_service.yml
@sha gSAoG/GTF1A5hbaeb4TbVvj1x+hO778zEI5CiGNDfiA=
@size 741
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_powershell_in_run_keys.yml
@sha TKjCtOjzOvnY0yIQWP1/l7kiRUEu8dV2LdZQsVEOD20=
@size 1040
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_powershell_logging_disabled.yml
@sha aFyFDny6uX4NpvzWjgn00Pc/yoyUWlMx2qbElVkZso4=
@size 1171
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_rdp_registry_modification.yml
@sha a9fCOPmUMS+uUozwNGLSstrle3BXPvtc4fUpe7umjD8=
@size 938
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_rdp_settings_hijack.yml
@sha xZhqaAGgM8YEtK/gheqprUjnal6P/iY91XxFNSF2HQ0=
@size 1269
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_scr_file_executed_by_rundll32.yml
@sha BU9esDtknCthkT7RsUQY/RA3QNnQl9q28i5QcgeVZ7o=
@size 1069
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_set_nopolicies_user.yml
@sha 3j2BaF4uXaX89eFMzpAQGsFYAvgYrJ5hwBBsV8vPHvE=
@size 1620
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_set_servicedll.yml
@sha H3ix+65/DARjtHUItHFujAkOLlE82znp6eZd6uZG69g=
@size 1180
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_shim_databases_persistence.yml
@sha dnayWLk2XRORbHij2enw1NB3QErNRUzcjKxd1+qg4jE=
@size 1301
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_silentprocessexit.yml
@sha N7ZiNF+SF1UNDkejwzJ0JwCkVm//mc3KQVHQfJepIhw=
@size 899
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_susp_printer_driver.yml
@sha UbGdGqnBSRZxEodiOvLuh8vPNbm9GVQkEVv+m+kHpbc=
@size 889
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_susp_reg_persist_explorer_run.yml
@sha 2JpeUJXRXWYGRqilG5KIf2qfThnhhFPr8Q4bS0IfNcU=
@size 1020
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_susp_run_key_img_folder.yml
@sha JtiEYJxymmdEENlcPTuLOI4vaCt4cv+JLlj8AbXF0UI=
@size 1283
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_susp_service_installed.yml
@sha pcXCtenkJ80MLenomEjeoaiJ6+rfNIf6zdFfUoWhjvE=
@size 1340
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_taskcache_entry.yml
@sha IJkcBKrKv0aHrwBjanvvh64FybkteWznZVfln70MS6k=
@size 1360
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_telemetry_persistence.yml
@sha AVp2v3HC7NNMuHdIsxUuVihQ++ixgjfpBDonX26sayg=
@size 1025
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_timeproviders_dllname.yml
@sha IhQFBT1GQyYIotr46H+c8yobL4QrvRi1W7EAi+UgLfg=
@size 1035
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_uac_bypass_eventvwr.yml
@sha l2bDhVUwJpD/i4d8/BOMWm90Pu4uArApLUyaW3pdYvo=
@size 832
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_uac_bypass_sdclt.yml
@sha gbiEONlbNON2DXIgpxp+hT9XbmY4exZ9k6uSkqOtcq4=
@size 984
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_uac_bypass_winsat.yml
@sha 4tc/b3vwHQCoa0ep61oawoG7/fhh5tfqkTqaIx3DHho=
@size 842
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_uac_bypass_wmp.yml
@sha CM9n3QMKnBB041/Hhn2O4x8NqnGhgpMJ8eiYufpk/oI=
@size 807
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_vbs_payload_stored.yml
@sha 3vp4W+85ER1cWxxBsuhKoEupHu+KqlCNNKJdEyQNHHk=
@size 1495
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_wab_dllpath_reg_change.yml
@sha MZtr1Z5M0wtM1IohhWdOywLIg7l/EDPGN1aq2f0XUmY=
@size 959
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_wdigest_enable_uselogoncredential.yml
@sha TfZKMgf5mGcXetFeVHKiY2yFKUWhmHl2rflG3NbASPY=
@size 1025
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/registry/registry_set/registry_set_winlogon_notify_key.yml
@sha DkzrAinWieUNxBiIhLfTfYMFMDDTYf+oQimvat3C5A4=
@size 972
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_accessing_winapi_in_powershell_credentials_dumping.yml
@sha bomw87IB0nxn37rPHAQgYIa5edKB3jj01PDvzWyNXzU=
@size 671
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_config_modification.yml
@sha PzO9aimx3Cm8R/LloXxDdki1pyRRYwPNTH/iCJIgmew=
@size 756
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_config_modification_error.yml
@sha joRKnKOn15RMaFVOkBPDuflrDwZ0594thV5VDe8FaJ0=
@size 1188
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_config_modification_status.yml
@sha qgvvEXipK8ySQxP6BlcVIjaMVe+ntjXUnCC0IsR0De8=
@size 735
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_dcom_iertutil_dll_hijack.yml
@sha mnLA1c4EGLmdbBvBnbddRtYMMJj5FNo7G4kPJ872LQ8=
@size 1086
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/sysmon/sysmon_process_hollowing.yml
@sha OsYMlui1W9UGmt3zuhl0+0Rn65b5krIcZlmZqBLNqYQ=
@size 1089
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/wmi_event/
opensearch/opensearch-security-analytics/rules/windows/wmi_event/sysmon_wmi_event_subscription.yml
@sha FgP/bF3N4Ap6e5hWHnfaOk2WKk8BT/87ViLInoBTYuI=
@size 534
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/wmi_event/sysmon_wmi_susp_encoded_scripts.yml
@sha BlFNDZdvaEeYffsabMAOZPwkS0x+7vh+JXI9vu725T8=
@size 780
@ts 1768594064
opensearch/opensearch-security-analytics/rules/windows/wmi_event/sysmon_wmi_susp_scripting.yml
@sha DK9+JQw8Z06FDfxR5deHHocwHyVCe/rJ2eu8jIgGTa0=
@size 1378
@ts 1768594064
@mode 0775
@group _opensearch
@sample opensearch/plugins/
@mode
@group
opensearch/plugins/opensearch-alerting/
opensearch/plugins/opensearch-alerting/alerting-core-3.4.0.0.jar
@sha 7v1R71EBJtjjwTLSRVRXM6riXPZpUHm1no+yys5FEak=
@size 127049
@ts 1768594064
opensearch/plugins/opensearch-alerting/alerting-spi-3.4.0.0.jar
@sha Khwm4WA4pYggQFfJw1AjX8/JpNO0lN+jM2zB7R4eX6k=
@size 12544
@ts 1768594064
opensearch/plugins/opensearch-alerting/annotations-13.0.jar
@sha rOKhDcji1f00kl7KwD5JiLLA+FFlDJS4zvSbob0RFHg=
@size 17536
@ts 1768594064
opensearch/plugins/opensearch-alerting/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-alerting/commons-codec-1.13.jar
@sha YfejB56Suf3WBSONApWvX9EaxBGgoK9I3qzh9sX/oHI=
@size 344339
@ts 1768594064
opensearch/plugins/opensearch-alerting/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594064
opensearch/plugins/opensearch-alerting/commons-validator-1.7.jar
@sha TXT0zk+2iyYX7a0Ibfbe/fkzhGfSN30sYuaQOOHE8C8=
@size 189675
@ts 1768594064
opensearch/plugins/opensearch-alerting/cron-utils-9.1.7.jar
@sha mUITuBdDcgZeDOUo0VNykyS9/enOV1cmeFTMEesWWTc=
@size 172219
@ts 1768594064
opensearch/plugins/opensearch-alerting/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/plugins/opensearch-alerting/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/plugins/opensearch-alerting/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/plugins/opensearch-alerting/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594064
opensearch/plugins/opensearch-alerting/ipaddress-5.4.1.jar
@sha GCEWL4Se6zHMHDr3Nv+wtNPmiwGox4Jn3hka//pzkNc=
@size 890363
@ts 1768594064
opensearch/plugins/opensearch-alerting/json-20240303.jar
@sha PPbNaJLjLitMHDng9S9SSKL1s3ZG/fu3mma0a2GEFO0=
@size 78332
@ts 1768594064
opensearch/plugins/opensearch-alerting/kotlin-stdlib-2.2.0.jar
@sha ZdEthaO4ZcFg25FHhRcSpksQ2t1osi7qIqlb+KhnDco=
@size 1750373
@ts 1768594064
opensearch/plugins/opensearch-alerting/kotlin-stdlib-jdk8-2.2.0.jar
@sha rcFmSNu881sNEOfsMBw110bRwv5GDGBqulnxKxF8+bA=
@size 951
@ts 1768594064
opensearch/plugins/opensearch-alerting/kotlinx-coroutines-core-1.1.1.jar
@sha rEI/igqktOdFKWlv+CwBcfgajIqxgqGWXf8l5pwfeEQ=
@size 816013
@ts 1768594064
opensearch/plugins/opensearch-alerting/opensearch-alerting-3.4.0.0.jar
@sha wI2q5aHO5O6cXHIXGmaSs5Oau8OiIZo7upEwoagCcZA=
@size 1941991
@ts 1768594064
opensearch/plugins/opensearch-alerting/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594064
opensearch/plugins/opensearch-alerting/opensearch-sql-thin-3.4.0.0.jar
@sha OBWCh6RQA09WFz8/DSTmkEg0SDiKvieLW7TAo+cGd0Q=
@size 6146247
@ts 1768594064
opensearch/plugins/opensearch-alerting/percolator-client-3.4.0.jar
@sha Z75VK/l/vOzBVfu2cvxs5/K2UXK2R6pYCOJWLOrgcTM=
@size 77240
@ts 1768594064
opensearch/plugins/opensearch-alerting/plugin-descriptor.properties
@sha bY3vWmCmoXcPTsqKyRGDTfxZAsluOD9FhuE6D3bmWIw=
@size 1924
@ts 1768594064
opensearch/plugins/opensearch-alerting/plugin-security.policy
@sha 9lrj+Vt0rOhhxpMMMSwVULyZ8U9HiNDzl91HeOXMcow=
@size 327
@ts 1768594064
opensearch/plugins/opensearch-alerting/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/
opensearch/plugins/opensearch-anomaly-detection/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/commons-codec-1.18.0.jar
@sha ugBfMEzvkqPe3iSjitWsm4r8zw2PdYOdbBM4Y0z39uQ=
@size 373045
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/commons-math3-3.6.1.jar
@sha HlbXsFjSi2Wr0la4RY44hbZ0wdWI+kPNfRy7nH7yswg=
@size 2213560
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/commons-pool2-2.12.0.jar
@sha bTvRjfhBDz4xsDGspYLMEJNCNYpionWevQxM3zDQb4s=
@size 150048
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/encoder-1.3.1.jar
@sha ycVsiXDHyxGyMZE7pRkM6TD4/U+sK9kYgQZC3DhI51c=
@size 40221
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/failureaccess-1.0.3.jar
@sha y/w5BrGbj1XdfP1t/gqkUy6DQlDX8IC9jSEaPiRrWcs=
@size 10763
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/gson-2.11.0.jar
@sha V5KNblpu3rKr03cKj5W6RNzkXzsjt6ncKzCcWBVSp4s=
@size 298435
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/guava-33.4.5-jre.jar
@sha h0sfDudcd8EtBp0UybiyaLeyy9fOZ5ZVwiX0qZQtycg=
@size 6137064
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/memory-0.12.2.jar
@sha e4IVYo9m1s2mclEvawGq/b6GvAaCNsj8l7zpKW88TkE=
@size 104254
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/opensearch-anomaly-detection-3.4.0.0.jar
@sha OmLkWPuK5p2CZ9xiXy76u9Bcje6jo2ghzwBqqL6U4bU=
@size 1623182
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/org.jacoco.agent-0.8.13.jar
@sha nbPJ1ddPqHCyYbZKMIJBLhvW4i6fqY9HN7G/+K+cxk0=
@size 276299
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/org.jacoco.ant-0.8.13.jar
@sha ZDS4VS/z0OSi+70Tpu+xJODJykU4F8YsA96DkNh//RE=
@size 35311
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/plugin-descriptor.properties
@sha lrTpB4r+et0Qwhvb9JdUSqjc4BKkwes3HqPRWofmNCU=
@size 2006
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/plugin-security.policy
@sha 33g7IMVcALsKj7zAj3Z0mEok7e1oc8zJ0soP8sdmh1M=
@size 1015
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/protostuff-api-1.8.0.jar
@sha +lMueCVb9ggK9kkpDZT8Cl7oxVEzfiMQ0pysmTFDAgE=
@size 59422
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/protostuff-collectionschema-1.8.0.jar
@sha 6LSs9BijeqrvVGh94y52JjiAUzCqzBUUO66nzzLiiR4=
@size 53875
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/protostuff-core-1.8.0.jar
@sha RHMtiQ1cQncwyJtz51yaa8tDMfhyR/kDYriwFGHt10c=
@size 65050
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/protostuff-runtime-1.8.0.jar
@sha EPSNYw4UKuDtZp+uvxzJvTkjmTsu6D2qmFvRYCzC32Q=
@size 446060
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/randomcutforest-core-4.4.0.jar
@sha LoUcgq3W1LzdE+XNhf3QkbiigYX+EEd1dh6P9mBv1Rs=
@size 321645
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/randomcutforest-parkservices-4.4.0.jar
@sha 9tDJEXdTYGO9LGaCWs7IQxly0RiVYoyPi2XRjt9srgE=
@size 109539
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/randomcutforest-serialization-4.4.0.jar
@sha vF8bItgtWpo1VRSh2vajQb6uDyMuQkF9fEmeTg4hn4A=
@size 20813
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/sketches-core-0.13.4.jar
@sha whYO2P4dsLHuYPnaN15vngjZXkGpB3vWK7SfgiFU4tg=
@size 673257
@ts 1768594064
opensearch/plugins/opensearch-anomaly-detection/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594064
opensearch/plugins/opensearch-asynchronous-search/
opensearch/plugins/opensearch-asynchronous-search/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-asynchronous-search/opensearch-asynchronous-search-3.4.0.0.jar
@sha btCeLBAm12QqpEHrovMwnlddurKBrSXFxhoJncgWw3M=
@size 173739
@ts 1768594064
opensearch/plugins/opensearch-asynchronous-search/plugin-descriptor.properties
@sha eCgsGfKnZR2NP45++tmCUCiK1Kx/NMGsHmLRplrZuk8=
@size 1957
@ts 1768594064
opensearch/plugins/opensearch-asynchronous-search/plugin-security.policy
@sha mlAqgNpmA+ymTEEFt7B/EvzdhDe1zOAqi/1ZndrecrA=
@size 326
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/
opensearch/plugins/opensearch-cross-cluster-replication/annotations-13.0.jar
@sha rOKhDcji1f00kl7KwD5JiLLA+FFlDJS4zvSbob0RFHg=
@size 17536
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/ipaddress-5.4.1.jar
@sha GCEWL4Se6zHMHDr3Nv+wtNPmiwGox4Jn3hka//pzkNc=
@size 890363
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-2.2.0.jar
@sha ZdEthaO4ZcFg25FHhRcSpksQ2t1osi7qIqlb+KhnDco=
@size 1750373
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk7-2.2.0.jar
@sha DRC8DUK4YF8jYpo/MeonwZzbyp3N9PU/bSLNY2aDbRg=
@size 945
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/kotlin-stdlib-jdk8-2.2.0.jar
@sha rcFmSNu881sNEOfsMBw110bRwv5GDGBqulnxKxF8+bA=
@size 951
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/kotlinx-coroutines-core-jvm-1.6.0.jar
@sha rMjHSx+4gSHFEiG/p7b16SAgG8IBg+v3QWXc9dRagAM=
@size 1488107
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/opensearch-cross-cluster-replication-3.4.0.0.jar
@sha hjf2tXuauUCcGkM72lRhKEyHOvvYT8wx7CRbz0W8Is0=
@size 987395
@ts 1768594064
opensearch/plugins/opensearch-cross-cluster-replication/plugin-descriptor.properties
@sha M7KQYIIXT2isfY4ml+gB8frbJKT/HFPPjSwH9OadvHQ=
@size 1944
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/
opensearch/plugins/opensearch-custom-codecs/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/NOTICE.txt
@sha TOHk93SR1XLLkms6OYalSDshYeZhD+Bz69gbKDLGYRU=
@size 2311
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/opensearch-custom-codecs-3.4.0.0.jar
@sha u5w7Chhfum8pgDRBc7bIwPujpx1YwXzrSjYg++DlQeE=
@size 117408
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/plugin-descriptor.properties
@sha 7hBqJ1LucGlbS2pLLuRUbbyoisWjQOW6UvmZqi0bR7Q=
@size 1961
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/plugin-security.policy
@sha hcEyzZkfgpqLxxH3prYk4ZCxkf/RqnhTc3BjvFl+CvM=
@size 408
@ts 1768594064
opensearch/plugins/opensearch-custom-codecs/qat-java-2.3.2.jar
@sha fEq7C6Y4xu+S4JCbotEe1G2zFRIUbh34zzR89So31B8=
@size 43212
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/
opensearch/plugins/opensearch-flow-framework/DafnyRuntime-4.11.0.jar
@sha Nmh4p5OplyG0CK+pk9V3RKkBa0E1vlhee5xmOiQ1AXQ=
@size 160303
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/NOTICE.txt
@sha 0HlFGyNu7+VxHay7Fm9BvblplMWWw69sRIzbSyxa4gM=
@size 73
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/aws-cryptographic-material-providers-1.11.0.jar
@sha jQlxoRJqZyOEC3aDKAaaxHbz8rYbaIxRhwByNXC/dKg=
@size 3640181
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/aws-encryption-sdk-java-3.0.2.jar
@sha 5Rf8O9jrgCcqvQwAnR0zIqPFfAsQktsBizo/QkHkbk4=
@size 250175
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/commons-codec-1.18.0.jar
@sha ugBfMEzvkqPe3iSjitWsm4r8zw2PdYOdbBM4Y0z39uQ=
@size 373045
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/commons-text-1.14.0.jar
@sha Eh/OIoKRDI8MO6eTpUNrMb63EEI8vi1XSj+3pzxQjpI=
@size 259876
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/conversion-0.1.1.jar
@sha OGB2Kitm6xPCwORrqxhc8368njBUqgmVBYWsQBtO6dc=
@size 9583
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/gson-2.13.2.jar
@sha 3QzhtVo+0ggMtw+cZVhQzahsIGhiMQAJ3LXlyVJlpeA=
@size 289901
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/jackson-datatype-jsr310-2.18.2.jar
@sha 4tIC1GBuI66vilqWMtsG9f79W2PSUcP1A/n6qnhTDlw=
@size 132690
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/jakarta.json-2.0.1.jar
@sha UlObOUmLhsqZELDqzGCKjHjejbOELKqEvIcWk3IgLMA=
@size 143846
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/jakarta.json.bind-api-3.0.1.jar
@sha 2TfwHBLUFvCmFah82CUcK91F91AkTr4ojEum1GnbA3c=
@size 38026
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/json-20231013.jar
@sha DxgZLfKJEU4XqhoNCn+DcsyfXH5Pfjmtz4kG/nFPp9M=
@size 74702
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/json-path-2.10.0.jar
@sha iQ2qld04ktNNn6vCfNUVNlbm82k1hiXIj03Ht5y9bFo=
@size 279148
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/opensearch-flow-framework-3.4.0.0.jar
@sha nSqOHOVqfxY/xpFhePFj8TFbwIFpQ0cYUcsb+NP3ZOc=
@size 423243
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/opensearch-ml-client-3.4.0.0.jar
@sha wnxvNV7rAlCSD5p1M1NueszEgWXohxj1WhwH7NWgTtk=
@size 4467391
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/opensearch-remote-metadata-sdk-3.4.0.0.jar
@sha 3+jrAuevsRVl9ehj3sd4n+NJHz2MieO7khiySE9JULo=
@size 73124
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/plugin-descriptor.properties
@sha aKAiiSZXmu+dBPkGMmAofLwoP8BIhiAAo9CmIHKagTA=
@size 2000
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/plugin-security.policy
@sha CQrq8j+3ZRvJ0HWyl5DOoBMZsvfjzLH0/ssCDrymgxk=
@size 306
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/swagger-core-2.2.41.jar
@sha 5d8U8FfUO0UA4KsMwvwpBjGik7Vvrk8JHhZTbu5MfBk=
@size 252408
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/swagger-models-2.2.41.jar
@sha OXgh4NS+G8imqrXOlD3x1d0FUc1TsnrtY5dOM+pPbKw=
@size 140036
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/swagger-parser-2.1.36.jar
@sha zELTgTKCJZZ3H+l3sjN/vRAw+mGn8dpANKsoE7CdEd8=
@size 3159
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/swagger-parser-core-2.1.36.jar
@sha aku01TIGZVsBviaUAvfAyM0RXm0C+jRlYQBKeEhj7Bk=
@size 7880
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/swagger-parser-v3-2.1.36.jar
@sha EMPM2cFXgw4HJhwiEmNVHWLEqnf5XgisX9geNJbQkO0=
@size 214577
@ts 1768594064
opensearch/plugins/opensearch-flow-framework/yasson-3.0.4.jar
@sha 9lgoX54+GjmZ4uqSaV/DOJKyWDBdKtr7cphegUUt3Qc=
@size 397922
@ts 1768594064
opensearch/plugins/opensearch-geospatial/
opensearch/plugins/opensearch-geospatial/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594064
opensearch/plugins/opensearch-geospatial/NOTICE.txt
@sha UG/9QmwGPKPsr9fb1dlCw/9+svZ+akDRi4MpIbu/Qrk=
@size 71
@ts 1768594064
opensearch/plugins/opensearch-geospatial/commons-csv-1.10.0.jar
@sha LQbmoHpja693etjmWSVvIRkQnd4jVRybgMVCLUJLgIw=
@size 54749
@ts 1768594064
opensearch/plugins/opensearch-geospatial/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594064
opensearch/plugins/opensearch-geospatial/geo-3.4.0.jar
@sha hjSpKEsVL1nw4Kg73ALBnNJl7lCmfqoUqjksK5wEsD0=
@size 95134
@ts 1768594064
opensearch/plugins/opensearch-geospatial/geospatial-client-3.4.0.0.jar
@sha 7Fc0gLw4QQs7NMubkw8sHqSb37AP3k8jaM0sTftSAQw=
@size 7244
@ts 1768594064
opensearch/plugins/opensearch-geospatial/h3-3.4.0.0.jar
@sha UJLdNG4s06POMhpiQE5kL8nDPfULgnVchniB+kF6dEM=
@size 40390
@ts 1768594064
opensearch/plugins/opensearch-geospatial/ipaddress-5.4.2.jar
@sha B7dhg0qfu5EKqHQ3hbrPojinTNLAG/LzEcDPmxV7VyI=
@size 890364
@ts 1768594064
opensearch/plugins/opensearch-geospatial/opensearch-geospatial-3.4.0.0.jar
@sha jo0I9/tTzMloCgf5B5vL2KswIE1x0EomFR29e6YZjmY=
@size 273643
@ts 1768594064
opensearch/plugins/opensearch-geospatial/plugin-descriptor.properties
@sha p7CWwIAugHSGCqWiekomxTnn5J2O0TvHYnhc2AYzVmk=
@size 1971
@ts 1768594064
opensearch/plugins/opensearch-geospatial/plugin-security.policy
@sha CIVSMCT5JPFT1aqIs6CN4fxvnCYM65D25K33MgOYzDw=
@size 334
@ts 1768594064
opensearch/plugins/opensearch-index-management/
opensearch/plugins/opensearch-index-management/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594064
opensearch/plugins/opensearch-index-management/NOTICE.txt
@sha 0HlFGyNu7+VxHay7Fm9BvblplMWWw69sRIzbSyxa4gM=
@size 73
@ts 1768594064
opensearch/plugins/opensearch-index-management/annotations-23.0.0.jar
@sha ew8ZckCCy/y8ZuWr6iubySzwih6hHhkZM+1DgB6zzQU=
@size 29371
@ts 1768594064
opensearch/plugins/opensearch-index-management/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594064
opensearch/plugins/opensearch-index-management/commons-codec-1.17.2.jar
@sha QUgzJyhJDO8Ssp2sTDhfRpgvBChRMsb6Ua1yZ9fceos=
@size 372800
@ts 1768594064
opensearch/plugins/opensearch-index-management/httpclient-4.5.14.jar
@sha yLx+HFGm1M5y9A0uu6vxxLaL/nbnMhBLBDgbSTR46dY=
@size 785639
@ts 1768594064
opensearch/plugins/opensearch-index-management/httpcore-4.4.16.jar
@sha bJs90UKgncRo4jrTmq1vdaDyuFElEERp8CblKkdORk8=
@size 327891
@ts 1768594064
opensearch/plugins/opensearch-index-management/ipaddress-5.5.1.jar
@sha XqReV9sMLWJBkqUEbO6kGwrK95t2ilShTIZ5G7ZFknA=
@size 927285
@ts 1768594064
opensearch/plugins/opensearch-index-management/kotlin-stdlib-2.2.0.jar
@sha ZdEthaO4ZcFg25FHhRcSpksQ2t1osi7qIqlb+KhnDco=
@size 1750373
@ts 1768594064
opensearch/plugins/opensearch-index-management/kotlin-stdlib-jdk7-2.2.0.jar
@sha DRC8DUK4YF8jYpo/MeonwZzbyp3N9PU/bSLNY2aDbRg=
@size 945
@ts 1768594064
opensearch/plugins/opensearch-index-management/kotlinx-coroutines-core-jvm-1.7.3.jar
@sha GrOsw48+c1XE+dHsYhB6RvpzyJnzBw0FXl1Dc9/mfhI=
@size 1551152
@ts 1768594064
opensearch/plugins/opensearch-index-management/opensearch-index-management-3.4.0.0.jar
@sha rUaGF8RQOmQ72z3hivj3wlNbypHdkw5TZyF/cS+QfSg=
@size 2687639
@ts 1768594064
opensearch/plugins/opensearch-index-management/opensearch-index-management-spi-3.4.0.0.jar
@sha 0QKd8lyTG5l957chBR0b1+jJVk6XGVPkXvS+GVhzqjE=
@size 202656
@ts 1768594064
opensearch/plugins/opensearch-index-management/plugin-descriptor.properties
@sha IzQ3FO8EboZRrteRfm0KqOAvGzJxplZN07zGREDIgr0=
@size 1958
@ts 1768594064
opensearch/plugins/opensearch-index-management/plugin-security.policy
@sha V++bjb1w1EVpZIPG4ZdjdO+C+6Va2ZoUm6XExoPhIFg=
@size 327
@ts 1768594064
opensearch/plugins/opensearch-job-scheduler/
opensearch/plugins/opensearch-job-scheduler/opensearch-job-scheduler-3.4.0.0.jar
@sha V/DC3Bqmdo3K+zSVrj01X15Q30y93ACMVArBunMmcmU=
@size 130555
@ts 1768594064
opensearch/plugins/opensearch-job-scheduler/opensearch-job-scheduler-spi-3.4.0.0.jar
@sha rqRA88vhG7W7HvHI8WDyH97pSoCR9qJe2UfjKq/R/e0=
@size 292214
@ts 1768594064
opensearch/plugins/opensearch-job-scheduler/plugin-descriptor.properties
@sha UXknveMoQOiPF/XgkrcbZul87b8HVkDOQ8fcirxr2wk=
@size 1922
@ts 1768594064
opensearch/plugins/opensearch-knn/
opensearch/plugins/opensearch-knn/LICENSE.txt
@sha v/oYXAyOxHr6bUUNTOoXP6OnCZzjtPd+WA5t0EmIa3k=
@size 20535
@ts 1768594064
opensearch/plugins/opensearch-knn/NOTICE.txt
@sha ZdQI3HYWu8CYS2J0OrptVVZMlPkC7WbSla5CQozfbps=
@size 51
@ts 1768594064
opensearch/plugins/opensearch-knn/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594064
opensearch/plugins/opensearch-knn/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594064
opensearch/plugins/opensearch-knn/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594064
opensearch/plugins/opensearch-knn/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594064
opensearch/plugins/opensearch-knn/jna-platform-5.16.0.jar
@sha 5aeVI5ZFCXV1VXgrtgKD5JAmEQE/EH5GANyTKY9z84I=
@size 1375665
@ts 1768594064
opensearch/plugins/opensearch-knn/lib/
opensearch/plugins/opensearch-knn/lib/libgomp.so
@sha YLPXM74dNkImvmnT8n0WbvDKpjmD0SWyoxs95yhrUlw=
@size 1241896
@ts 1768594064
opensearch/plugins/opensearch-knn/lib/libgomp.so.1
@sha YLPXM74dNkImvmnT8n0WbvDKpjmD0SWyoxs95yhrUlw=
@size 1241896
@ts 1768594064
opensearch/plugins/opensearch-knn/lib/libopensearchknn_common.so
@sha u2A+et5ebEzyJrnRgDgSefbb+3+JPG7eSHXF3Lh+aC8=
@size 17968
@ts 1768594064
opensearch/plugins/opensearch-knn/lib/libopensearchknn_faiss.so
@sha a9PvD3/yI7y/MJZLJzzvTV8hEQRfkHGvesJ6uGxAGdw=
@size 28141672
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_faiss_avx2.so
@sha zviw+axQB+4rotPC5vmhjMai7ymCe0lj6h4oaiFW1SQ=
@size 27951264
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_faiss_avx512.so
@sha gBEotAiyPSbexBFoCQcZ0yPZD1vwLyEg1oRisup0BLE=
@size 28717984
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_faiss_avx512_spr.so
@sha ewHglrCiZa3ppe/JDnfvgeYx3RWaoSX1fXmkCKchifE=
@size 28679232
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_nmslib.so
@sha F/7c4IZGTeTGPJJFDfWnr+Vd85LJ5yNjsC+CROCnH/Q=
@size 2435272
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_simd.so
@sha EIwh6tvjC2B383f+QHnk1WzLiIsQA1PZDWMadbMFXn0=
@size 21759872
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_simd_avx2.so
@sha p4oTBA65M3fvwwbjT7Pa4V35poP+OmYoWxDTlrhvUiU=
@size 22351600
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_simd_avx512.so
@sha 0xoJIDx1YhY/C1GjihKnW8EXQsTpyIPeFqn5kaAGF1k=
@size 22626872
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_simd_avx512_spr.so
@sha 7q4w63Z0ElsIUWntsUZAo8Vh0eKJYWgqpyb1FZbw9Ms=
@size 22528568
@ts 1768594065
opensearch/plugins/opensearch-knn/lib/libopensearchknn_util.so
@sha OHN9ioMQuOOTKc6/6JSOXPxKNCPT3FJjqlX74V3ELrw=
@size 98104
@ts 1768594065
opensearch/plugins/opensearch-knn/opensearch-knn-3.4.0.0.jar
@sha tpxxO3cbf4DMzdFiYEOuRYuqsM80OMwnhUyP8CxDK/U=
@size 1160682
@ts 1768594065
opensearch/plugins/opensearch-knn/oshi-core-6.4.13.jar
@sha QAkQWONPNBDDj77GBtyVTq3ZbdfZfKBr+lq9uEKUwEM=
@size 979563
@ts 1768594065
opensearch/plugins/opensearch-knn/plugin-descriptor.properties
@sha 5Oh+lv3pJl2hfr0pO/cVnpGMgmubhMEnDu+ChuXrIzI=
@size 1920
@ts 1768594065
opensearch/plugins/opensearch-knn/plugin-security.policy
@sha 7+j0DoAAEWt/5U/I2u6z3cwOAYr2VH+DHpkiC9eiiYE=
@size 1031
@ts 1768594065
opensearch/plugins/opensearch-knn/remote-index-build-client-3.4.0.0.jar
@sha I9cvnmf2NmRZdlNIcwdkCRZDx5bUpf7Uahv01JQKXak=
@size 32204
@ts 1768594065
opensearch/plugins/opensearch-knn/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594065
opensearch/plugins/opensearch-ltr/
opensearch/plugins/opensearch-ltr/LICENSE.txt
@sha z8d0m5b2O9McPEK1xHG/dWgUBT6EfBDz6wA0F7xSPTA=
@size 11358
@ts 1768594065
opensearch/plugins/opensearch-ltr/NOTICE.txt
@sha t50ohzmI+z5AeYQLdhRNkErfAeJxKWQ9LWLQRtWP9s0=
@size 37824
@ts 1768594065
opensearch/plugins/opensearch-ltr/RankyMcRankFace-0.1.1.jar
@sha UKVe8C6tmp8cDdad0yTKk1/LhUwoz9uFfc3Z41da6bU=
@size 182529
@ts 1768594065
opensearch/plugins/opensearch-ltr/antlr4-runtime-4.11.1.jar
@sha 4GxlU8HMwU02BS7EsPxvE7gIz5V7Wx3D9hv0AZlq2lk=
@size 324039
@ts 1768594065
opensearch/plugins/opensearch-ltr/asm-9.6.jar
@sha PG+sJCTbPUqFO2afTj0dnDxVIjXhmjGWc/iHCDwjA6E=
@size 123598
@ts 1768594065
opensearch/plugins/opensearch-ltr/asm-commons-9.6.jar
@sha eu/Q1cCQFwHGn3UT/tp2X7a+M68s56oXxXgfyHZXxRE=
@size 72194
@ts 1768594065
opensearch/plugins/opensearch-ltr/asm-tree-9.6.jar
@sha xD7PF7U5x3fhXae1uGVTs3fi05poPeYoVWfVKDiI5+8=
@size 51935
@ts 1768594065
opensearch/plugins/opensearch-ltr/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594065
opensearch/plugins/opensearch-ltr/compiler-0.9.3.jar
@sha R4zjFyMf9CAkv3tvFEehXm2WE1i1ZKwVjr/kxT/dQE8=
@size 99939
@ts 1768594065
opensearch/plugins/opensearch-ltr/conscrypt-openjdk-uber-2.5.2.jar
@sha 6vU32Y4DPQ8EUc0bjMdOAte1XsiC2mPIgGDYBrqJw0g=
@size 4534256
@ts 1768594065
opensearch/plugins/opensearch-ltr/lucene-expressions-9.7.0.jar
@sha OdheNnsWmuwyO32JfziIASTvCBMRgsFg5V4LvOBkhlk=
@size 78067
@ts 1768594065
opensearch/plugins/opensearch-ltr/opensearch-ltr-3.4.0.0.jar
@sha I9/52ASiKcy2AVTdSH9NuBq9QqLYYsfYzeHvNr9sdpk=
@size 452854
@ts 1768594065
opensearch/plugins/opensearch-ltr/plugin-descriptor.properties
@sha 50Q+frP/koUHlVkp8IJHbezdy4Kp/Vo6agfpOAY4vXU=
@size 1911
@ts 1768594065
opensearch/plugins/opensearch-ltr/plugin-security.policy
@sha W7vLqCP1oT5XDDuFZ9HlHq4wCW1sR1McFZN2QythtGQ=
@size 1556
@ts 1768594065
opensearch/plugins/opensearch-ltr/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594065
opensearch/plugins/opensearch-ml/
opensearch/plugins/opensearch-ml/DafnyRuntime-4.9.0.jar
@sha 7TI7doBvjcUX/C43JOj1I5ErhcJ+BiIIrQ2gqvqRF5M=
@size 159922
@ts 1768594065
opensearch/plugins/opensearch-ml/accessors-smart-2.5.2.jar
@sha m4p7xDhh1hVsAhFm2UH7fd2+RGPi+l7ogHfksBRSqDY=
@size 30358
@ts 1768594065
opensearch/plugins/opensearch-ml/annotations-2.32.29.jar
@sha Wa6vk2IupxJzAa6+VrxYCVCurOSNdeaT1SQks+B2bKw=
@size 13758
@ts 1768594065
opensearch/plugins/opensearch-ml/apache-client-2.32.29.jar
@sha dZMKDvaf3D2XjR41vzwbZ3jmO3T9c9BMogerY+pqo5w=
@size 77015
@ts 1768594065
opensearch/plugins/opensearch-ml/api-0.31.1.jar
@sha WxfG10pxRyHOW2QWuT81Ny+LBmVnbn4sq1kqlBe1a8c=
@size 946723
@ts 1768594065
opensearch/plugins/opensearch-ml/asm-9.7.1.jar
@sha jK3UOsXrbQneBfrsyji5F6BAu5E5x+3rTMgcdAtxMoE=
@size 126093
@ts 1768594065
opensearch/plugins/opensearch-ml/auth-2.32.29.jar
@sha ATsdaOp/QmlRhmrX/q1FvwKJdFVbkYyNQUraMGvsoqU=
@size 234932
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-core-2.32.29.jar
@sha cNRV9w0BBI9C8kL43gGgypg3+jcbLNOLXDVrzkvmQwo=
@size 192119
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-cryptographic-material-providers-1.11.0.jar
@sha jQlxoRJqZyOEC3aDKAaaxHbz8rYbaIxRhwByNXC/dKg=
@size 3640181
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-database-encryption-sdk-dynamodb-3.9.0.jar
@sha C23yoe17wQMUWSIxl4WcdzZj7Vlwy2UqafpGIhCn1nk=
@size 1479002
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-encryption-sdk-java-2.4.1.jar
@sha Hk3mQ+xstzd4AQjCr6+pFhWsLfKIclwFiXBfoOOJxeA=
@size 236205
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-java-sdk-core-1.12.780.jar
@sha oaOB0f8WdBGbhgK94twbwFp7xc0TDMmFomOXZboCFs4=
@size 1059551
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-java-sdk-dynamodb-1.12.780.jar
@sha SUd63KESjwcngRb1qqD33Hdh+/2dyYVKjRYuQLwqSmM=
@size 2167242
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-java-sdk-kms-1.12.780.jar
@sha NM3Sw+QPgz2ETRkQVKMOMI84DSP+5xhdfv72qoW0h0I=
@size 760919
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-java-sdk-s3-1.12.780.jar
@sha qjys8dkE24sI46IJCeZi4nfhhGoFox6Yt5rtpKpzHP4=
@size 1279139
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-json-protocol-2.32.29.jar
@sha Sp2eXUYOHvBt3ed7K7iNsliSWSjt0SKfXZCDAB2CcEc=
@size 141897
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-query-protocol-2.32.29.jar
@sha 8rpzeZ7aLYKlE35icW/lhICjNS+SookLpfZEyAP+NE8=
@size 69370
@ts 1768594065
opensearch/plugins/opensearch-ml/aws-xml-protocol-2.32.29.jar
@sha tDgWaTPJ3y6r9t2xIsYml1eqOAV+q/AV4S1LDpa4C44=
@size 102273
@ts 1768594065
opensearch/plugins/opensearch-ml/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594065
opensearch/plugins/opensearch-ml/bedrockruntime-2.32.29.jar
@sha g8ZaHEWuRpLzqI+bb8jAoO5MzDaPKeW6hgbgKCBDrYA=
@size 1553394
@ts 1768594065
opensearch/plugins/opensearch-ml/checker-qual-3.37.0.jar
@sha 5M4TdswnNeHd4iC2KtCRP1EpdwTarRVaM/OGvF2w2fc=
@size 224460
@ts 1768594065
opensearch/plugins/opensearch-ml/checksums-2.32.29.jar
@sha HMihDy0Y15pl4YEMFrceR+iCCvSzta0oELPPRHY4Rz8=
@size 69586
@ts 1768594065
opensearch/plugins/opensearch-ml/checksums-spi-2.32.29.jar
@sha lD/VkMwrxuLqebQ2tmsNjG5lgM8w7IFOOmU3pT0cetA=
@size 8046
@ts 1768594065
opensearch/plugins/opensearch-ml/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-beanutils-1.11.0.jar
@sha nkS6aOyaPyEob6Kou7ADtzXA9pEBu0MUS3n0+KqnRwk=
@size 246806
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-codec-1.15.jar
@sha s+n21jp5AQm/DQVmEfvtHPaQVYJt7+uYlKcTadJG7WM=
@size 353793
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-collections-3.2.2.jar
@sha 7urpF5FxRKaKdB1MDf9mqlxcX9hVk/8he87T/Iyng7g=
@size 588337
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-collections4-4.4.jar
@sha Hfi5QwtcjtFD14FeQD4z71NxskAKrb6b2giDdi4IRtE=
@size 751914
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-compress-1.26.0.jar
@sha BRrOuLvMYtD1sriscsU3Z/nFm/vQUBUeZb729RyO2ck=
@size 1078328
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-io-2.15.1.jar
@sha pYrxLuG2jP0uuwwnyu8WTwhDgaAOyBpIzCdf1+pU4VQ=
@size 501218
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-logging-1.2.jar
@sha 2t3qHqC+D1aXirMAa4rJKDSv7vvZt+TmMW/KV98PpjY=
@size 61829
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-math3-3.6.1.jar
@sha HlbXsFjSi2Wr0la4RY44hbZ0wdWI+kPNfRy7nH7yswg=
@size 2213560
@ts 1768594065
opensearch/plugins/opensearch-ml/commons-text-1.14.0.jar
@sha Eh/OIoKRDI8MO6eTpUNrMb63EEI8vi1XSj+3pzxQjpI=
@size 259876
@ts 1768594065
opensearch/plugins/opensearch-ml/conversion-0.1.1.jar
@sha OGB2Kitm6xPCwORrqxhc8368njBUqgmVBYWsQBtO6dc=
@size 9583
@ts 1768594065
opensearch/plugins/opensearch-ml/dynamodb-2.32.29.jar
@sha uEDhe9utzjG4HnSNLMpz470H0jleDj30g3kq5UGBfpo=
@size 3124375
@ts 1768594065
opensearch/plugins/opensearch-ml/dynamodb-enhanced-2.32.29.jar
@sha Avb43q5iAYCsGnqxTmTraZFT9QQ50hqVVFDIATu0fSA=
@size 718524
@ts 1768594065
opensearch/plugins/opensearch-ml/endpoints-spi-2.32.29.jar
@sha 42wpIoo2iYOxo6JI5sOyG4GvrCWA02PWXDb5eHthc/w=
@size 13169
@ts 1768594065
opensearch/plugins/opensearch-ml/eventstream-1.0.1.jar
@sha DDfY5pYRfwLDAhkbgRCw0Osg+kEvzjTDomnsc8Fs6CI=
@size 30193
@ts 1768594065
opensearch/plugins/opensearch-ml/gson-2.13.2.jar
@sha 3QzhtVo+0ggMtw+cZVhQzahsIGhiMQAJ3LXlyVJlpeA=
@size 289901
@ts 1768594065
opensearch/plugins/opensearch-ml/guava-32.1.3-jre.jar
@sha bU4rWhGKq2Lm5eKdGFoCJO7YLIXECsPTPPBKJww7N0Q=
@size 3043932
@ts 1768594065
opensearch/plugins/opensearch-ml/http-auth-2.32.29.jar
@sha I+er8GY7Go/EJXNPK+GZseLtRP8Sv8JsXHGLC53JYCc=
@size 17475
@ts 1768594065
opensearch/plugins/opensearch-ml/http-auth-aws-2.32.29.jar
@sha OjG0LdLogTjcSORi1A5UFuj2ya62U/9HvIVeum0Bc78=
@size 168303
@ts 1768594065
opensearch/plugins/opensearch-ml/http-auth-aws-eventstream-2.32.29.jar
@sha qDfGXgqB+OZjd3slAq7OWoIk9jxL+9F0EPcKVcYjcfA=
@size 8706
@ts 1768594065
opensearch/plugins/opensearch-ml/http-auth-spi-2.32.29.jar
@sha gf9F+jQn2yz+Sp7x6z/E7fqR4mXFbJSvSn3HI19mptc=
@size 45763
@ts 1768594065
opensearch/plugins/opensearch-ml/http-client-spi-2.32.29.jar
@sha DB0uAnlUqgB25mWYBO61Lvi8NYkEnhNUAuNHyVpjqEM=
@size 91686
@ts 1768594065
opensearch/plugins/opensearch-ml/httpclient-4.5.14.jar
@sha yLx+HFGm1M5y9A0uu6vxxLaL/nbnMhBLBDgbSTR46dY=
@size 785639
@ts 1768594065
opensearch/plugins/opensearch-ml/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594065
opensearch/plugins/opensearch-ml/httpcore-4.4.15.jar
@sha PLrtCIxJmhD5bd5Y853A55hRcavYgTjKFlWocgEbsUI=
@size 328324
@ts 1768594065
opensearch/plugins/opensearch-ml/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594065
opensearch/plugins/opensearch-ml/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594065
opensearch/plugins/opensearch-ml/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594065
opensearch/plugins/opensearch-ml/identity-spi-2.32.29.jar
@sha A+6nGaq2IoRfhaiQUPgamncRyFrH2GrdzcYy2MjrkW8=
@size 30964
@ts 1768594065
opensearch/plugins/opensearch-ml/itu-1.10.3.jar
@sha I9O6hAldSJpZUkD4kEUIXqUGb7b8HcCRJY1XffnXSrw=
@size 52056
@ts 1768594065
opensearch/plugins/opensearch-ml/jackson-annotations-2.18.3.jar
@sha iqV0DYC1pQJVCLQbutuqH7N3ImfGKLLjBoGk9F+LiTE=
@size 78502
@ts 1768594065
opensearch/plugins/opensearch-ml/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594065
opensearch/plugins/opensearch-ml/jackson-datatype-jsr310-2.18.3.jar
@sha Lh3y/rk2g9N5lpzq94t2oKwRXGfQRnGVj9307tbmQB0=
@size 133035
@ts 1768594065
opensearch/plugins/opensearch-ml/jakarta.json-2.0.0-module.jar
@sha 4cA5gwH1dMzbfJuxtGjT/h1GrCCIrJpfTdIjC/cHr8g=
@size 115492
@ts 1768594065
opensearch/plugins/opensearch-ml/jakarta.json-api-2.1.3.jar
@sha vJNBQoBeodeU8UQFY5ZaOGGiqft0FOzT/kTyZQBzRBQ=
@size 48629
@ts 1768594065
opensearch/plugins/opensearch-ml/jakarta.json.bind-api-2.0.0.jar
@sha peYGtYiLQStIkHrWiLNN/k4wroGJxvJ8wEkbjzwDYoc=
@size 35689
@ts 1768594065
opensearch/plugins/opensearch-ml/jansi-2.4.0.jar
@sha bNkZkTI917L7KMqT16wSr1qGovUyeeKzWCezAxP9C58=
@size 221009
@ts 1768594065
opensearch/plugins/opensearch-ml/javassist-3.26.0-GA.jar
@sha ylYlh0/wo08kIhc6URszwiUhjBRqPJYbGJQO//QwRi0=
@size 782535
@ts 1768594065
opensearch/plugins/opensearch-ml/jline-builtins-3.21.0.jar
@sha 4MBYG4GY9g3/CNf+H//lUBm2p5isAipLF+5M9xjwHwc=
@size 263195
@ts 1768594065
opensearch/plugins/opensearch-ml/jline-reader-3.21.0.jar
@sha ZwEpvREMv5tLmdrso4udvkY2G92CRw6SqadGSnVt+6c=
@size 171621
@ts 1768594065
opensearch/plugins/opensearch-ml/jline-style-3.21.0.jar
@sha 5wj1fm8vxOECpp0Av6/eBJhKzSKBcmONWaCZeLQPZUk=
@size 27685
@ts 1768594065
opensearch/plugins/opensearch-ml/jline-terminal-3.21.0.jar
@sha OgWhYC+dUUKJCIeTUPLPW+h/zvztL1bG6I2ddvQac/4=
@size 228777
@ts 1768594065
opensearch/plugins/opensearch-ml/jline-terminal-jansi-3.21.0.jar
@sha 3HoLLxV3YjBIxRRhXKFN2B4yIPyX/x6kS30jCtgwvuw=
@size 39477
@ts 1768594065
opensearch/plugins/opensearch-ml/jmespath-java-1.12.780.jar
@sha 1fDxqIc+uBw75JYD2rPwrq8I3Ecxm1E/ZOY85jXo78E=
@size 27587
@ts 1768594065
opensearch/plugins/opensearch-ml/json-20231013.jar
@sha DxgZLfKJEU4XqhoNCn+DcsyfXH5Pfjmtz4kG/nFPp9M=
@size 74702
@ts 1768594065
opensearch/plugins/opensearch-ml/json-path-2.9.0.jar
@sha Eanub4i7MfFFAQjRz2RBN33shKygdetrsjQ74VdXW+o=
@size 276633
@ts 1768594065
opensearch/plugins/opensearch-ml/json-schema-validator-1.5.7.jar
@sha LHHpcNwbZ0mbme+vZZgmlumM7QAoVI1Dv066Bu3Yg08=
@size 580086
@ts 1768594065
opensearch/plugins/opensearch-ml/json-smart-2.5.2.jar
@sha T73tsBBc7cf3ZrlcKX0uiPtqVg2kjzu6oMxTjqi3v3E=
@size 122358
@ts 1768594065
opensearch/plugins/opensearch-ml/json-utils-2.32.29.jar
@sha PAMHYRQXgIIAJ0AAk8jy7IulruRaD2Zr6Ee+CINuGkg=
@size 33227
@ts 1768594065
opensearch/plugins/opensearch-ml/jsr305-3.0.2.jar
@sha dmrSoHg/JoeWLIrXTO7MOKKLn3Ki0IXuQ4t4E+ko0Mc=
@size 19936
@ts 1768594065
opensearch/plugins/opensearch-ml/kms-2.32.29.jar
@sha 6D7jejf8pSd6SVdTIqXS/N6HmnTPZwa45wP8ExP68QU=
@size 1672710
@ts 1768594065
opensearch/plugins/opensearch-ml/kotlin-stdlib-1.9.23.jar
@sha iRDMI4gH2G71UMsfCxDdXtQLNaTsGlJSX3YK7ehOrTc=
@size 1718956
@ts 1768594065
opensearch/plugins/opensearch-ml/kotlin-stdlib-jdk7-1.9.10.jar
@sha rGNhv5rR7TgsIQPZcSxHzewWYjK0kD7VluiHawaBybc=
@size 959
@ts 1768594065
opensearch/plugins/opensearch-ml/kotlin-stdlib-jdk8-1.9.10.jar
@sha pMdNlNZM4avlN2D+A4ndlB9vxVjQ2rNeR8CFoR7IDyg=
@size 965
@ts 1768594065
opensearch/plugins/opensearch-ml/libsvm-3.25.jar
@sha LtKzaLr/TTUvQ+J9nXkz656EmRqhGM2Mb7hoHEFBCgg=
@size 39949
@ts 1768594065
opensearch/plugins/opensearch-ml/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
@sha s3KgN9QjCqV/vv/e8w/WEj+cDC24XQrO0AyRuXTzP5k=
@size 2199
@ts 1768594065
opensearch/plugins/opensearch-ml/log4j-slf4j-impl-2.21.0.jar
@sha WLNXuKp4k8vt2XIB67/7pjYNh771hs9qWgw1F9XXUlc=
@size 24478
@ts 1768594065
opensearch/plugins/opensearch-ml/mcp-0.12.1.jar
@sha E6X3h5rXkrtOd6JofGHrNQNz90bOcyShm493eNJzmqs=
@size 471165
@ts 1768594065
opensearch/plugins/opensearch-ml/metrics-spi-2.32.29.jar
@sha 4PPEfNmkEE16ry0j7TYF4ey5XPVLhuxVMVwBBBnCd+Y=
@size 27264
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-buffer-4.2.7.Final.jar
@sha uBYTyO0iscw57M8qKL0MHUVh+y5eVCBhYX70zh0ii/U=
@size 373323
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-4.2.7.Final.jar
@sha XzaWWDgXiZmMBCqY8C2nHZw5iEu7T3/VgoL3ZeCcoDE=
@size 3947
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-base-4.2.7.Final.jar
@sha Y2BBW3yHFgr83l59SUbDVTm58EPoFmyRp//5XMYGfZ8=
@size 152980
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-compression-4.2.7.Final.jar
@sha 7dU600mRgEMBpGVxET2P+01vZ+bYdGdNr7uRVyQnXLM=
@size 182886
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-http-4.2.7.Final.jar
@sha KYTdOEIKYcTdaPysxR/8Uo60b3P3eVza/bOk1vy3aGI=
@size 683327
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-http2-4.2.7.Final.jar
@sha yYJUmD3/qcYrzLDjljjhE4/rTde0bnpmPnkPagcKkwY=
@size 501115
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-marshalling-4.2.7.Final.jar
@sha 5VCtt1jupDqkneAOdBiwmJMXEdSjHWLmXEGwmUyVsjc=
@size 20371
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-codec-protobuf-4.2.7.Final.jar
@sha SyUlm2916/x38BSgj2m60BkRbU9cpUj9xB89rYwN4zE=
@size 14682
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-common-4.2.7.Final.jar
@sha I0W8DtWEP6V6pJ66Z1KUhcOh1CD88EKTJMgiDHqA6aY=
@size 789111
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-handler-4.2.7.Final.jar
@sha IdBjQJwS287EbTgMiFag97altou18dAF6wZbTWQUbLM=
@size 581349
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-nio-client-2.32.29.jar
@sha 5RukASCT59Uc9h6EgpIPxWPEgfLH7jJHf0tK2Zls1bo=
@size 292690
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-resolver-4.2.7.Final.jar
@sha fk1WmGfmwIQ3+yGiIOoBwpSw448BFJtoPIlaG82ShDg=
@size 38454
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-transport-4.2.7.Final.jar
@sha qtxvsFwU+3iTaMo/hUchVJxy9sDYF5i7zPneG7cWiSs=
@size 562559
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-transport-classes-epoll-4.1.124.Final.jar
@sha oJjJoJWWHIsRj5NSvyPEQ+DefFPbKvoNsYnXA67VPvg=
@size 147627
@ts 1768594065
opensearch/plugins/opensearch-ml/netty-transport-native-unix-common-4.2.7.Final.jar
@sha c2cDs/bRJ+GC9b6Ii24VcysMCNZjTgByU1KmqdGZdLI=
@size 46861
@ts 1768594065
opensearch/plugins/opensearch-ml/okhttp-4.12.0.jar
@sha sQUAgbFLt6On5VpNPvAbXc+rxFO0VzpPwBl2cZHV9OA=
@size 789531
@ts 1768594065
opensearch/plugins/opensearch-ml/okhttp-sse-4.12.0.jar
@sha v/T7yu96rC2RDU/0ba+qTm0V2hJ99rrJchbaRpQ6fUw=
@size 13065
@ts 1768594065
opensearch/plugins/opensearch-ml/okio-jvm-3.6.0.jar
@sha Z1Q/Bzb8QirpJ+0OUEuYvF4mn9oNNQBXkzfLcT2ihBI=
@size 359580
@ts 1768594065
opensearch/plugins/opensearch-ml/olcut-config-protobuf-5.2.1.jar
@sha qrKo4hIXWyeiMq53flUEuMfgq0X01dm9wosJlsz1qL0=
@size 195765
@ts 1768594065
opensearch/plugins/opensearch-ml/olcut-core-5.2.1.jar
@sha uEzYzfICX1Ii9ow+ZNwCcv6rRBTI5irkjP3ls4GJvOA=
@size 297453
@ts 1768594065
opensearch/plugins/opensearch-ml/onnxruntime-engine-0.31.1.jar
@sha Ydt9TKJTl7oIGyQKlmBbqU/aAJu2jX38dKkPP8wVXpU=
@size 55761
@ts 1768594065
opensearch/plugins/opensearch-ml/onnxruntime_gpu-1.16.3.jar
@sha d7puhk16ScscnHiSQ5tqzt/GEAOXYJp7KAFRxCVah7g=
@size 304246626
@ts 1768594066
opensearch/plugins/opensearch-ml/opencsv-5.4.jar
@sha n94e8+VEQE406u4V5L97p0uANV15gJOwUk1jpZk2JCs=
@size 230363
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-java-3.3.0.jar
@sha aEXdlUdsTCQeYEWffRHmP/xD7cJ6V0qQBNEmzUFwIrU=
@size 10337037
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-3.4.0.0.jar
@sha oQ914zC5IJ1w2TGs7ItVZG94tW7H8ptlAG+rrpgQv8Y=
@size 1149347
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-algorithms-3.4.0.0.jar
@sha RbXPtQemxu0Xf97CSALHKM2EU4bx9KYi6uQhQLtqGm0=
@size 3322547
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-common-3.4.0.0.jar
@sha JexKP+v78xr2EgqsQ4ENDOX33Cm2D157h7LqTT/CX3c=
@size 4449578
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-memory-3.4.0.0.jar
@sha pCyEa3Qd12btDnpe9fWsHvmzPDrTwDNPV6KAZjIEdug=
@size 116837
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-search-processors-3.4.0.0.jar
@sha k3h3yZiaWV/hzXksm3iEGAnse36udmLSK0jrtcO6wEs=
@size 72810
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-ml-spi-3.4.0.0.jar
@sha 2nfwI/mGNhuVsZ3NoUCYSrhZdhGZ+4p4PKZ143lnZaI=
@size 7089
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-remote-metadata-sdk-3.4.0.0.jar
@sha 3+jrAuevsRVl9ehj3sd4n+NJHz2MieO7khiySE9JULo=
@size 73124
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-remote-metadata-sdk-aos-client-3.4.0.0.jar
@sha WTFZBmiNmX1OXdgw8e5ILyUmSYk8dRTrM/OTSDTSc8Y=
@size 4046
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-remote-metadata-sdk-ddb-client-3.4.0.0.jar
@sha wI0yrrpq1jIp8vYB19qpZ16NvSArLwAmuIYcBjweOJE=
@size 26792
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-remote-metadata-sdk-remote-client-3.4.0.0.jar
@sha jBOc/dtRWEQyVbpE3pwoxTzAMbckbmaCfxHiGP6SoHU=
@size 22083
@ts 1768594066
opensearch/plugins/opensearch-ml/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594066
opensearch/plugins/opensearch-ml/parsson-1.1.7.jar
@sha wh2wGPisbPeYk/Gvd/HNM3k3vRKub6PUsQ9aAIGe5Ww=
@size 125926
@ts 1768594066
opensearch/plugins/opensearch-ml/plugin-descriptor.properties
@sha tUeM9V745qvg1EThoI46gnPKoaIZHRgiBk1zTj1QUGo=
@size 1976
@ts 1768594066
opensearch/plugins/opensearch-ml/plugin-security.policy
@sha 7zyfK77qOdUChgQhkn/7Bt7v1ONopwXBOHDcsg622i8=
@size 1577
@ts 1768594066
opensearch/plugins/opensearch-ml/profiles-2.32.29.jar
@sha gVw/JIHu78WH+jkpQku6Jd0bFFw/MeU5TeLYxasSTd0=
@size 50526
@ts 1768594066
opensearch/plugins/opensearch-ml/protocol-core-2.32.29.jar
@sha qPKpC8T9US5v6Cvyr+0sirr6NbxoLo09ZmFs0kJJI7g=
@size 44371
@ts 1768594066
opensearch/plugins/opensearch-ml/protostuff-api-1.8.0.jar
@sha +lMueCVb9ggK9kkpDZT8Cl7oxVEzfiMQ0pysmTFDAgE=
@size 59422
@ts 1768594066
opensearch/plugins/opensearch-ml/protostuff-collectionschema-1.8.0.jar
@sha 6LSs9BijeqrvVGh94y52JjiAUzCqzBUUO66nzzLiiR4=
@size 53875
@ts 1768594066
opensearch/plugins/opensearch-ml/protostuff-core-1.8.0.jar
@sha RHMtiQ1cQncwyJtz51yaa8tDMfhyR/kDYriwFGHt10c=
@size 65050
@ts 1768594066
opensearch/plugins/opensearch-ml/protostuff-runtime-1.8.0.jar
@sha EPSNYw4UKuDtZp+uvxzJvTkjmTsu6D2qmFvRYCzC32Q=
@size 446060
@ts 1768594066
opensearch/plugins/opensearch-ml/pytorch-engine-0.31.1.jar
@sha MY2NXwKxqr6udw+mGzuVyJqejrpGVZLCAljF9RZXlDA=
@size 98868
@ts 1768594066
opensearch/plugins/opensearch-ml/pytorch-model-zoo-0.31.1.jar
@sha l+sTc2w7knN5YO/Iu7cvJ2FHLUzkB5UAuYrHQXkUEr4=
@size 25105
@ts 1768594066
opensearch/plugins/opensearch-ml/randomcutforest-core-3.0-rc3.jar
@sha ID69JWA4bC53TkZWIhGg919pa1MkKHb/oQMde4GH7j8=
@size 245521
@ts 1768594066
opensearch/plugins/opensearch-ml/randomcutforest-parkservices-3.0-rc3.jar
@sha QobKlM1YmlqJsEr83XEChDUAM7vlv8AuInDcUcto9q0=
@size 71889
@ts 1768594066
opensearch/plugins/opensearch-ml/randomcutforest-testutils-3.0-rc3.jar
@sha zbnnUCySe1xXLW8fAoIb1o92aeG9A3Kc/3KY3otYVZQ=
@size 10999
@ts 1768594066
opensearch/plugins/opensearch-ml/reflections-0.9.12.jar
@sha 0Wj1jTLyrnrFqNXZCSre7lJsYEtBEl3LRe6od5YKmc8=
@size 105848
@ts 1768594066
opensearch/plugins/opensearch-ml/regions-2.32.29.jar
@sha vFpFT/aX9XblNADO5Icd1hrXmsl3qZSjkP5/5OziVdU=
@size 965125
@ts 1768594066
opensearch/plugins/opensearch-ml/retries-2.32.29.jar
@sha UIwLX4G6yV/wDjBS5kWUouUlwYoUw7EMK+2JZw7Wgc0=
@size 66310
@ts 1768594066
opensearch/plugins/opensearch-ml/retries-spi-2.32.29.jar
@sha i5nnt87jcoG0ThM3zY8I3qVnLYSVJ3IXddSxWQlA70w=
@size 31488
@ts 1768594066
opensearch/plugins/opensearch-ml/s3-2.32.29.jar
@sha JOO3/BcoSEUfmUVxc+/O+UiwzofLG0lRnYK8ojwL8sg=
@size 4089156
@ts 1768594066
opensearch/plugins/opensearch-ml/sdk-core-2.32.29.jar
@sha 6G7ODQW0lPLNYAIVU8RtNNHOCDbxVBs6SFxb82wgT0A=
@size 1003729
@ts 1768594066
opensearch/plugins/opensearch-ml/slf4j-api-1.7.36.jar
@sha 0+9XXj5JeWeNwBvx3M5RAhSTtNEft/G+itmCh3wWocA=
@size 41125
@ts 1768594066
opensearch/plugins/opensearch-ml/sts-2.32.29.jar
@sha RLVyxxCA7A8TNFD5S4kjaQ3JnzeUq/NmHfZ+qLf2iho=
@size 541701
@ts 1768594066
opensearch/plugins/opensearch-ml/third-party-jackson-core-2.32.29.jar
@sha /zVXJBIK23V4bTpicRhpFoDI1rDGk6VdjZ1Ga/vMBDs=
@size 535001
@ts 1768594066
opensearch/plugins/opensearch-ml/tokenizers-0.31.1.jar
@sha DdHo82Yqpsa1tGNbHeiRBCZZAUbLrs7kVVakLkPZ0/o=
@size 18114160
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-anomaly-core-4.2.1.jar
@sha 6MWayzXOPCh5ZNYVnrd7Vszw4Ybvpn5OJjNUhZptQ9A=
@size 54455
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-anomaly-libsvm-4.2.1.jar
@sha ktjyoVwXtBAyKZz+G7cth3DoGBjFZxiTpc+TfBKWi6w=
@size 32080
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-classification-core-4.2.1.jar
@sha KNADZe1fyReQW46e99NUidxuOZU3miIV6S04bxvvhQw=
@size 141966
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-classification-sgd-4.2.1.jar
@sha Jfre2DMuhi5EsI9fj+UJq9xqvSiLZZoYyQtgMzkZClI=
@size 94458
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-clustering-core-4.2.1.jar
@sha O0aPhYZx085iYYpIoVf9avZwChO1njQb15sh5CzYSXY=
@size 54936
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-clustering-kmeans-4.2.1.jar
@sha eQsMdZRUbMp/5MhA/+Km/g2LtE3WPoN6mTks6EfP1cs=
@size 46535
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-common-libsvm-4.2.1.jar
@sha QLF9hu2/12MCj/j4huXFE27iShRtAIeTtnqqEYwI9iw=
@size 37809
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-common-sgd-4.2.1.jar
@sha 4eOJrTutX7C2Ml2xutpQ2Ug2zizS7ibnrUQ05BpXBOI=
@size 49214
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-common-tree-4.2.1.jar
@sha MKw3eYNFQMp0at4JvZD09BwsdvZA4/eK6iq69IrSFgY=
@size 47598
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-core-4.2.1.jar
@sha P16ChPH6obBGnrusc2tnsSyI5fHMR4BqIYl42eLBTbA=
@size 334440
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-data-4.2.1.jar
@sha 6xmOSZ5+QoDcSTyl/6VtWlH6iShOw6C+obQZPFnv+Vs=
@size 189561
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-math-4.2.1.jar
@sha LtNhTYt4zJDJLJnKFxVEH2A9zDmWFQ3L1dmZdOnJIrY=
@size 127712
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-regression-core-4.2.1.jar
@sha RZpwaAeThVscDeSZrByc0FapHcGjJwxjchzDl8ff4Ps=
@size 100264
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-regression-sgd-4.2.1.jar
@sha VkSXZ+GFmcthp+FRDFHDA4kvIJSAwYExLMHW6OehSOA=
@size 52155
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-util-infotheory-4.2.1.jar
@sha e7fJsDEFdBkw/ugz7CYzPooHXC4kNMgSOU2e27Okflk=
@size 73598
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-util-onnx-4.2.1.jar
@sha egNipKJycA/4plWJcKOMB7WAQnXSmtT9edS2Eb6HWE0=
@size 363639
@ts 1768594066
opensearch/plugins/opensearch-ml/tribuo-util-tokenization-4.2.1.jar
@sha 8CEyFaz6c6SbkpwKpSKrdgdAWMRTHeHmQUHWEzjQhqM=
@size 70197
@ts 1768594066
opensearch/plugins/opensearch-ml/url-connection-client-2.32.29.jar
@sha BMTLQm5+1KOqpij7puev2Xaindr8EVZTZ7fT4lgVVKI=
@size 33043
@ts 1768594066
opensearch/plugins/opensearch-ml/utils-2.32.29.jar
@sha vsDQ8RXDFdlQORIj71Gh54rwZnNtUcwX8NR9zuQ0EnU=
@size 241619
@ts 1768594066
opensearch/plugins/opensearch-ml/yasson-2.0.2.jar
@sha DtjA72Z37hVxn+/WuOwIex2nHgq9Pb/oDdIfGeU0JO4=
@size 350751
@ts 1768594066
opensearch/plugins/opensearch-neural-search/
opensearch/plugins/opensearch-neural-search/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594066
opensearch/plugins/opensearch-neural-search/NOTICE.txt
@sha 39fJyTD8RIQNy1mgxYTmUY9PfI65A4c7OnUXNELpDRQ=
@size 69
@ts 1768594066
opensearch/plugins/opensearch-neural-search/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594066
opensearch/plugins/opensearch-neural-search/commons-collections4-4.5.0.jar
@sha APkyY8JnviAbiuUhtEpxNycbFmiENTQL9inbG6wKWEU=
@size 898652
@ts 1768594066
opensearch/plugins/opensearch-neural-search/commons-math3-3.6.1.jar
@sha HlbXsFjSi2Wr0la4RY44hbZ0wdWI+kPNfRy7nH7yswg=
@size 2213560
@ts 1768594066
opensearch/plugins/opensearch-neural-search/commons-text-1.10.0.jar
@sha dwzZA/p7YE0ffve6F/hBCGZylLK0eL6O0a87/7SuABg=
@size 238400
@ts 1768594066
opensearch/plugins/opensearch-neural-search/gson-2.10.1.jar
@sha QkHBSncnw0/uplB+yAExij1KkPBw5FJWgQefuU7kxZM=
@size 283367
@ts 1768594066
opensearch/plugins/opensearch-neural-search/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594066
opensearch/plugins/opensearch-neural-search/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594066
opensearch/plugins/opensearch-neural-search/javassist-3.29.2-GA.jar
@sha qQ3bJRNd+eV+qb1OIk4hlVSSl1j5uumWXyn4HWCjKT8=
@size 794137
@ts 1768594066
opensearch/plugins/opensearch-neural-search/json-20231013.jar
@sha DxgZLfKJEU4XqhoNCn+DcsyfXH5Pfjmtz4kG/nFPp9M=
@size 74702
@ts 1768594066
opensearch/plugins/opensearch-neural-search/json-path-2.9.0.jar
@sha Eanub4i7MfFFAQjRz2RBN33shKygdetrsjQ74VdXW+o=
@size 276633
@ts 1768594066
opensearch/plugins/opensearch-neural-search/json-smart-2.5.2.jar
@sha T73tsBBc7cf3ZrlcKX0uiPtqVg2kjzu6oMxTjqi3v3E=
@size 122358
@ts 1768594066
opensearch/plugins/opensearch-neural-search/mapper-extras-client-3.4.0.jar
@sha b31OHxdWuvJTN4JIaaBT5hh04XzoGxdcDItxWA/fdf8=
@size 85807
@ts 1768594066
opensearch/plugins/opensearch-neural-search/opensearch-ml-client-3.4.0.0.jar
@sha wnxvNV7rAlCSD5p1M1NueszEgWXohxj1WhwH7NWgTtk=
@size 4467391
@ts 1768594066
opensearch/plugins/opensearch-neural-search/opensearch-neural-search-3.4.0.0.jar
@sha vxK9b5OSRS06/fSbzcfecSDjmN+7ATnC4B2Zz1A2SEo=
@size 940036
@ts 1768594067
opensearch/plugins/opensearch-neural-search/plugin-descriptor.properties
@sha UqHTgZS4e3NSdyfGYMGLuqjclN/wqRzVMFy+jLhQkYc=
@size 1976
@ts 1768594067
opensearch/plugins/opensearch-neural-search/plugin-security.policy
@sha pb3U63qTK5sjjxOrjE2E1R5rqIlt7sgtvxYDPAZrm6M=
@size 307
@ts 1768594067
opensearch/plugins/opensearch-neural-search/reflections-0.9.12.jar
@sha 0Wj1jTLyrnrFqNXZCSre7lJsYEtBEl3LRe6od5YKmc8=
@size 105848
@ts 1768594067
opensearch/plugins/opensearch-notifications/
opensearch/plugins/opensearch-notifications-core/
opensearch/plugins/opensearch-notifications-core/angus-activation-2.0.2.jar
@sha bdO8/8IrzoOwc3ag4uCU5JZKMZXUEY+0PjgO81Q2zB4=
@size 27050
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/angus-mail-2.0.4.jar
@sha hzAYZVhLrZFwZis+7vA1Cqr+pFIkg+OOVK6H3D3z6Vg=
@size 498833
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/aws-java-sdk-core-1.12.687.jar
@sha 12sjzSCSt9Bs6Lc6nQOINUF6qDneP149QP6kvFAuFtM=
@size 1036914
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/aws-java-sdk-ses-1.12.687.jar
@sha s3/YWYl7X+IoP2N4ysrN4eDM430w1ouXdGENtoM0DDY=
@size 793569
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/aws-java-sdk-sns-1.12.687.jar
@sha GPerjRgROh06y2eNbFOn4lYxuxv3f64E5DKNBj+/7tI=
@size 483683
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/aws-java-sdk-sts-1.12.687.jar
@sha U3RE6hhei6lyiMO0jMZdrR1jx2lI6TxtfpkehgGBMvM=
@size 154477
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/jakarta.activation-api-2.1.3.jar
@sha AbF21xihaSY+eCkGkfxHmXcYa8xrMzSHMlCE1lhvRic=
@size 66514
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/jakarta.mail-api-2.1.3.jar
@sha gFG1jXX5gvmluWOzdlQm6CSypkhl7wrxcgXkVbmNsFw=
@size 236454
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/kotlin-stdlib-2.2.20.jar
@sha iDbM/9NYX63amQEkSyDUKQHS881YEFjYQ04v+rzzo+c=
@size 1761444
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/log4j-slf4j-impl-2.21.0.jar
@sha WLNXuKp4k8vt2XIB67/7pjYNh771hs9qWgw1F9XXUlc=
@size 24478
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/opensearch-notifications-core-3.4.0.0.jar
@sha QUMma5YkFaDK/BwFsb/N7Hgh+YuEvsoitqNxLfVKYU8=
@size 75922
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/opensearch-notifications-core-spi-3.4.0.0.jar
@sha Ia3xV2CrqDTqVQm58BenvQiU6aIhFhMIGOVi/jF9pRY=
@size 5135119
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/plugin-descriptor.properties
@sha BcP3plA7ZLaRHKdKNbUAEHzwA0KEkkg4YfBkJBziXEY=
@size 1942
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/plugin-security.policy
@sha DxnhA8/Zx6dikznYhfYhX27J3JFsqF4OpsedRPaD1+I=
@size 1942
@ts 1768594067
opensearch/plugins/opensearch-notifications-core/slf4j-api-2.0.17.jar
@sha e3UdlSBhlU1av+1xgcH2RdM2CRtnmJFZHWMynGIuuDI=
@size 69908
@ts 1768594067
opensearch/plugins/opensearch-notifications/DafnyRuntime-4.9.0.jar
@sha 7TI7doBvjcUX/C43JOj1I5ErhcJ+BiIIrQ2gqvqRF5M=
@size 159922
@ts 1768594067
opensearch/plugins/opensearch-notifications/annotations-2.32.29.jar
@sha Wa6vk2IupxJzAa6+VrxYCVCurOSNdeaT1SQks+B2bKw=
@size 13758
@ts 1768594067
opensearch/plugins/opensearch-notifications/apache-client-2.32.29.jar
@sha dZMKDvaf3D2XjR41vzwbZ3jmO3T9c9BMogerY+pqo5w=
@size 77015
@ts 1768594067
opensearch/plugins/opensearch-notifications/auth-2.32.29.jar
@sha ATsdaOp/QmlRhmrX/q1FvwKJdFVbkYyNQUraMGvsoqU=
@size 234932
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-core-2.32.29.jar
@sha cNRV9w0BBI9C8kL43gGgypg3+jcbLNOLXDVrzkvmQwo=
@size 192119
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-cryptographic-material-providers-1.11.0.jar
@sha jQlxoRJqZyOEC3aDKAaaxHbz8rYbaIxRhwByNXC/dKg=
@size 3640181
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-database-encryption-sdk-dynamodb-3.9.0.jar
@sha C23yoe17wQMUWSIxl4WcdzZj7Vlwy2UqafpGIhCn1nk=
@size 1479002
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-java-sdk-dynamodb-1.12.687.jar
@sha q4G9a3Fr+2wgwqUkJWA5tA1OVrL0uU5DKQuPWhyg+As=
@size 2143014
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-java-sdk-kms-1.12.687.jar
@sha LUfRbhWCUAZUhfIAQtE/QQwyHoQLNsOGCg8LYgDDOSQ=
@size 717282
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-java-sdk-s3-1.12.687.jar
@sha cIaxteoTsBjsFX+3kOA8KwrJveCJ4oLmubCrFEFKAQQ=
@size 1271273
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-json-protocol-2.32.29.jar
@sha Sp2eXUYOHvBt3ed7K7iNsliSWSjt0SKfXZCDAB2CcEc=
@size 141897
@ts 1768594067
opensearch/plugins/opensearch-notifications/aws-query-protocol-2.32.29.jar
@sha 8rpzeZ7aLYKlE35icW/lhICjNS+SookLpfZEyAP+NE8=
@size 69370
@ts 1768594067
opensearch/plugins/opensearch-notifications/bcprov-jdk18on-1.78.1.jar
@sha rdWRXmrPxqtYNuH9il4hxkiFNqjB8h84bus78oC3Atc=
@size 8324412
@ts 1768594067
opensearch/plugins/opensearch-notifications/checksums-2.32.29.jar
@sha HMihDy0Y15pl4YEMFrceR+iCCvSzta0oELPPRHY4Rz8=
@size 69586
@ts 1768594067
opensearch/plugins/opensearch-notifications/checksums-spi-2.32.29.jar
@sha lD/VkMwrxuLqebQ2tmsNjG5lgM8w7IFOOmU3pT0cetA=
@size 8046
@ts 1768594067
opensearch/plugins/opensearch-notifications/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594067
opensearch/plugins/opensearch-notifications/conversion-0.1.1.jar
@sha OGB2Kitm6xPCwORrqxhc8368njBUqgmVBYWsQBtO6dc=
@size 9583
@ts 1768594067
opensearch/plugins/opensearch-notifications/dynamodb-2.32.29.jar
@sha uEDhe9utzjG4HnSNLMpz470H0jleDj30g3kq5UGBfpo=
@size 3124375
@ts 1768594067
opensearch/plugins/opensearch-notifications/dynamodb-enhanced-2.32.29.jar
@sha Avb43q5iAYCsGnqxTmTraZFT9QQ50hqVVFDIATu0fSA=
@size 718524
@ts 1768594067
opensearch/plugins/opensearch-notifications/endpoints-spi-2.32.29.jar
@sha 42wpIoo2iYOxo6JI5sOyG4GvrCWA02PWXDb5eHthc/w=
@size 13169
@ts 1768594067
opensearch/plugins/opensearch-notifications/eventstream-1.0.1.jar
@sha DDfY5pYRfwLDAhkbgRCw0Osg+kEvzjTDomnsc8Fs6CI=
@size 30193
@ts 1768594067
opensearch/plugins/opensearch-notifications/http-auth-2.32.29.jar
@sha I+er8GY7Go/EJXNPK+GZseLtRP8Sv8JsXHGLC53JYCc=
@size 17475
@ts 1768594067
opensearch/plugins/opensearch-notifications/http-auth-aws-2.32.29.jar
@sha OjG0LdLogTjcSORi1A5UFuj2ya62U/9HvIVeum0Bc78=
@size 168303
@ts 1768594067
opensearch/plugins/opensearch-notifications/http-auth-aws-eventstream-2.32.29.jar
@sha qDfGXgqB+OZjd3slAq7OWoIk9jxL+9F0EPcKVcYjcfA=
@size 8706
@ts 1768594067
opensearch/plugins/opensearch-notifications/http-auth-spi-2.32.29.jar
@sha gf9F+jQn2yz+Sp7x6z/E7fqR4mXFbJSvSn3HI19mptc=
@size 45763
@ts 1768594067
opensearch/plugins/opensearch-notifications/http-client-spi-2.32.29.jar
@sha DB0uAnlUqgB25mWYBO61Lvi8NYkEnhNUAuNHyVpjqEM=
@size 91686
@ts 1768594067
opensearch/plugins/opensearch-notifications/httpclient-4.5.14.jar
@sha yLx+HFGm1M5y9A0uu6vxxLaL/nbnMhBLBDgbSTR46dY=
@size 785639
@ts 1768594067
opensearch/plugins/opensearch-notifications/httpcore-4.4.16.jar
@sha bJs90UKgncRo4jrTmq1vdaDyuFElEERp8CblKkdORk8=
@size 327891
@ts 1768594067
opensearch/plugins/opensearch-notifications/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594067
opensearch/plugins/opensearch-notifications/identity-spi-2.32.29.jar
@sha A+6nGaq2IoRfhaiQUPgamncRyFrH2GrdzcYy2MjrkW8=
@size 30964
@ts 1768594067
opensearch/plugins/opensearch-notifications/jackson-datatype-jsr310-2.18.2.jar
@sha 4tIC1GBuI66vilqWMtsG9f79W2PSUcP1A/n6qnhTDlw=
@size 132690
@ts 1768594067
opensearch/plugins/opensearch-notifications/jakarta.json-2.0.0-module.jar
@sha 4cA5gwH1dMzbfJuxtGjT/h1GrCCIrJpfTdIjC/cHr8g=
@size 115492
@ts 1768594067
opensearch/plugins/opensearch-notifications/jakarta.json-api-2.1.3.jar
@sha vJNBQoBeodeU8UQFY5ZaOGGiqft0FOzT/kTyZQBzRBQ=
@size 48629
@ts 1768594067
opensearch/plugins/opensearch-notifications/jakarta.json.bind-api-2.0.0.jar
@sha peYGtYiLQStIkHrWiLNN/k4wroGJxvJ8wEkbjzwDYoc=
@size 35689
@ts 1768594067
opensearch/plugins/opensearch-notifications/jmespath-java-1.12.687.jar
@sha TIbi+nmAFHiLMJjlJB+5dUdb4wWhKDWsVzvfTgHlCKg=
@size 27589
@ts 1768594067
opensearch/plugins/opensearch-notifications/json-utils-2.32.29.jar
@sha PAMHYRQXgIIAJ0AAk8jy7IulruRaD2Zr6Ee+CINuGkg=
@size 33227
@ts 1768594067
opensearch/plugins/opensearch-notifications/jsr305-3.0.2.jar
@sha dmrSoHg/JoeWLIrXTO7MOKKLn3Ki0IXuQ4t4E+ko0Mc=
@size 19936
@ts 1768594067
opensearch/plugins/opensearch-notifications/kms-2.32.29.jar
@sha 6D7jejf8pSd6SVdTIqXS/N6HmnTPZwa45wP8ExP68QU=
@size 1672710
@ts 1768594067
opensearch/plugins/opensearch-notifications/kotlinx-coroutines-core-jvm-1.4.3.jar
@sha 974I3fhr2IAg2nt4rb9EIoeZzKVNXAxDlthQvGZyUWM=
@size 1656936
@ts 1768594067
opensearch/plugins/opensearch-notifications/metrics-spi-2.32.29.jar
@sha 4PPEfNmkEE16ry0j7TYF4ey5XPVLhuxVMVwBBBnCd+Y=
@size 27264
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-buffer-4.2.7.Final.jar
@sha uBYTyO0iscw57M8qKL0MHUVh+y5eVCBhYX70zh0ii/U=
@size 373323
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-4.2.7.Final.jar
@sha XzaWWDgXiZmMBCqY8C2nHZw5iEu7T3/VgoL3ZeCcoDE=
@size 3947
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-base-4.2.7.Final.jar
@sha Y2BBW3yHFgr83l59SUbDVTm58EPoFmyRp//5XMYGfZ8=
@size 152980
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-compression-4.2.7.Final.jar
@sha 7dU600mRgEMBpGVxET2P+01vZ+bYdGdNr7uRVyQnXLM=
@size 182886
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-http-4.2.7.Final.jar
@sha KYTdOEIKYcTdaPysxR/8Uo60b3P3eVza/bOk1vy3aGI=
@size 683327
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-http2-4.2.7.Final.jar
@sha yYJUmD3/qcYrzLDjljjhE4/rTde0bnpmPnkPagcKkwY=
@size 501115
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-marshalling-4.2.7.Final.jar
@sha 5VCtt1jupDqkneAOdBiwmJMXEdSjHWLmXEGwmUyVsjc=
@size 20371
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-codec-protobuf-4.2.7.Final.jar
@sha SyUlm2916/x38BSgj2m60BkRbU9cpUj9xB89rYwN4zE=
@size 14682
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-common-4.2.7.Final.jar
@sha I0W8DtWEP6V6pJ66Z1KUhcOh1CD88EKTJMgiDHqA6aY=
@size 789111
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-handler-4.2.7.Final.jar
@sha IdBjQJwS287EbTgMiFag97altou18dAF6wZbTWQUbLM=
@size 581349
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-nio-client-2.32.29.jar
@sha 5RukASCT59Uc9h6EgpIPxWPEgfLH7jJHf0tK2Zls1bo=
@size 292690
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-resolver-4.2.7.Final.jar
@sha fk1WmGfmwIQ3+yGiIOoBwpSw448BFJtoPIlaG82ShDg=
@size 38454
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-transport-4.2.7.Final.jar
@sha qtxvsFwU+3iTaMo/hUchVJxy9sDYF5i7zPneG7cWiSs=
@size 562559
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-transport-classes-epoll-4.1.124.Final.jar
@sha oJjJoJWWHIsRj5NSvyPEQ+DefFPbKvoNsYnXA67VPvg=
@size 147627
@ts 1768594067
opensearch/plugins/opensearch-notifications/netty-transport-native-unix-common-4.2.7.Final.jar
@sha c2cDs/bRJ+GC9b6Ii24VcysMCNZjTgByU1KmqdGZdLI=
@size 46861
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-java-3.3.0.jar
@sha aEXdlUdsTCQeYEWffRHmP/xD7cJ6V0qQBNEmzUFwIrU=
@size 10337037
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-notifications-3.4.0.0.jar
@sha FJT+jWZHPIeZFqnrS7WBMhlY4CcfSXHLiLzR/jDP6Bs=
@size 279851
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-remote-metadata-sdk-3.4.0.0.jar
@sha 3+jrAuevsRVl9ehj3sd4n+NJHz2MieO7khiySE9JULo=
@size 73124
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-remote-metadata-sdk-aos-client-3.4.0.0.jar
@sha WTFZBmiNmX1OXdgw8e5ILyUmSYk8dRTrM/OTSDTSc8Y=
@size 4046
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-remote-metadata-sdk-ddb-client-3.4.0.0.jar
@sha wI0yrrpq1jIp8vYB19qpZ16NvSArLwAmuIYcBjweOJE=
@size 26792
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-remote-metadata-sdk-remote-client-3.4.0.0.jar
@sha jBOc/dtRWEQyVbpE3pwoxTzAMbckbmaCfxHiGP6SoHU=
@size 22083
@ts 1768594067
opensearch/plugins/opensearch-notifications/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594067
opensearch/plugins/opensearch-notifications/parsson-1.1.7.jar
@sha wh2wGPisbPeYk/Gvd/HNM3k3vRKub6PUsQ9aAIGe5Ww=
@size 125926
@ts 1768594067
opensearch/plugins/opensearch-notifications/plugin-descriptor.properties
@sha CeaBOJ7qLCpp6BNZtJPVMlHsD8zNbXsWMRMNFqsdzTE=
@size 1952
@ts 1768594067
opensearch/plugins/opensearch-notifications/plugin-security.policy
@sha DxnhA8/Zx6dikznYhfYhX27J3JFsqF4OpsedRPaD1+I=
@size 1942
@ts 1768594067
opensearch/plugins/opensearch-notifications/profiles-2.32.29.jar
@sha gVw/JIHu78WH+jkpQku6Jd0bFFw/MeU5TeLYxasSTd0=
@size 50526
@ts 1768594067
opensearch/plugins/opensearch-notifications/protocol-core-2.32.29.jar
@sha qPKpC8T9US5v6Cvyr+0sirr6NbxoLo09ZmFs0kJJI7g=
@size 44371
@ts 1768594067
opensearch/plugins/opensearch-notifications/regions-2.32.29.jar
@sha vFpFT/aX9XblNADO5Icd1hrXmsl3qZSjkP5/5OziVdU=
@size 965125
@ts 1768594067
opensearch/plugins/opensearch-notifications/retries-2.32.29.jar
@sha UIwLX4G6yV/wDjBS5kWUouUlwYoUw7EMK+2JZw7Wgc0=
@size 66310
@ts 1768594067
opensearch/plugins/opensearch-notifications/retries-spi-2.32.29.jar
@sha i5nnt87jcoG0ThM3zY8I3qVnLYSVJ3IXddSxWQlA70w=
@size 31488
@ts 1768594067
opensearch/plugins/opensearch-notifications/sdk-core-2.32.29.jar
@sha 6G7ODQW0lPLNYAIVU8RtNNHOCDbxVBs6SFxb82wgT0A=
@size 1003729
@ts 1768594067
opensearch/plugins/opensearch-notifications/sts-2.32.29.jar
@sha RLVyxxCA7A8TNFD5S4kjaQ3JnzeUq/NmHfZ+qLf2iho=
@size 541701
@ts 1768594067
opensearch/plugins/opensearch-notifications/third-party-jackson-core-2.32.29.jar
@sha /zVXJBIK23V4bTpicRhpFoDI1rDGk6VdjZ1Ga/vMBDs=
@size 535001
@ts 1768594067
opensearch/plugins/opensearch-notifications/url-connection-client-2.32.29.jar
@sha BMTLQm5+1KOqpij7puev2Xaindr8EVZTZ7fT4lgVVKI=
@size 33043
@ts 1768594067
opensearch/plugins/opensearch-notifications/utils-2.32.29.jar
@sha vsDQ8RXDFdlQORIj71Gh54rwZnNtUcwX8NR9zuQ0EnU=
@size 241619
@ts 1768594067
opensearch/plugins/opensearch-notifications/yasson-2.0.2.jar
@sha DtjA72Z37hVxn+/WuOwIex2nHgq9Pb/oDdIfGeU0JO4=
@size 350751
@ts 1768594067
opensearch/plugins/opensearch-observability/
opensearch/plugins/opensearch-observability/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594067
opensearch/plugins/opensearch-observability/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-observability/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-observability/json-20231013.jar
@sha DxgZLfKJEU4XqhoNCn+DcsyfXH5Pfjmtz4kG/nFPp9M=
@size 74702
@ts 1768594067
opensearch/plugins/opensearch-observability/json-base-2.2.1.jar
@sha BA7cVbpuQJsPNuHxS6Rl+rC+/i5Q4CkWl480pW/xZ/s=
@size 30216
@ts 1768594067
opensearch/plugins/opensearch-observability/json-flattener-0.15.1.jar
@sha dNWzrle7JYSmsGs3cMs/drRDSgYD93r6N2gJxD6f2LU=
@size 34337
@ts 1768594067
opensearch/plugins/opensearch-observability/kotlin-stdlib-2.2.0.jar
@sha ZdEthaO4ZcFg25FHhRcSpksQ2t1osi7qIqlb+KhnDco=
@size 1750373
@ts 1768594067
opensearch/plugins/opensearch-observability/kotlinx-coroutines-core-jvm-1.9.0.jar
@sha rYnCiSI15nDyItgZyz2BGIFDyxmgW1nfmImuQmn1xwo=
@size 1463587
@ts 1768594067
opensearch/plugins/opensearch-observability/opensearch-observability-3.4.0.0.jar
@sha X49Wvl4CgG7qr5MniZEYTkJCigDevuoX/QyqFHy+pnk=
@size 296867
@ts 1768594067
opensearch/plugins/opensearch-observability/plugin-descriptor.properties
@sha d2KHXjVgzXiZgEl5Ld+WTIigu7QS9axxpI57dAe98MA=
@size 1950
@ts 1768594067
opensearch/plugins/opensearch-observability/plugin-security.policy
@sha c1f+y0rFj9R+C3C/x/bzgi4wNm0Z8xJ75nd/mcZzNBY=
@size 479
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/
opensearch/plugins/opensearch-performance-analyzer/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/bcpkix-fips-2.1.9.jar
@sha wxpK7toY+YsG3qtQ9sX6ly64dVXvE0Joviju2V+t7Oc=
@size 1024458
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/byte-buddy-1.9.7.jar
@sha aakUDBHeRjeJobrf5sPc3BdgjEMEy0Q8XDoXlYW3izk=
@size 3264259
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/byte-buddy-agent-1.9.7.jar
@sha FFzg+rU5A3TmmytAcNZf7aorB8PPrQazML6httz6gm8=
@size 43415
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/checker-qual-3.29.0.jar
@sha 59yA5d+MJH1UKuJAGUaAOSEj+nx8/l0jG3D/r6lUaME=
@size 223637
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/error_prone_annotations-2.9.0.jar
@sha +Ue9wzriemtKpEeZ5sIeGUR5e9ABC6Q+uC0RRG4WNpQ=
@size 15994
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/failureaccess-1.0.2.jar
@sha io+Bz5s1nj9t+mkaHndphcBh7y8iPJssgHU+G0WOgGQ=
@size 4740
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/gson-2.9.0.jar
@sha yW1gVRMxoZbaxUt0WqZCzQeO+JtvJnFGtwXywsvvBS0=
@size 249277
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/guava-33.2.1-jre.jar
@sha RSstl4e302b6jPXtmhxAQEVC0F7/p6WY2gO7u7dtnzE=
@size 3051356
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/jackson-module-paranamer-2.18.2.jar
@sha uus7GncCxaHFML3XY7NFtG5uaHIEzuBopE+mRc2KDR8=
@size 44215
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/jooq-3.10.8.jar
@sha IGVvjMnTMAMny+GMWNWOfS9XRUPrMbTZV6vM46BCF5I=
@size 2117677
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/jsr305-3.0.2.jar
@sha dmrSoHg/JoeWLIrXTO7MOKKLn3Ki0IXuQ4t4E+ko0Mc=
@size 19936
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
@sha s3KgN9QjCqV/vv/e8w/WEj+cDC24XQrO0AyRuXTzP5k=
@size 2199
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/mockito-core-2.23.0.jar
@sha Y3mRv8N/3Sp63+YQ8u5SkKz5sVp+Q0e8PJbGHtnf4EM=
@size 565013
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-buffer-4.2.7.Final.jar
@sha uBYTyO0iscw57M8qKL0MHUVh+y5eVCBhYX70zh0ii/U=
@size 373323
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-codec-4.2.7.Final.jar
@sha XzaWWDgXiZmMBCqY8C2nHZw5iEu7T3/VgoL3ZeCcoDE=
@size 3947
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-codec-http-4.2.7.Final.jar
@sha KYTdOEIKYcTdaPysxR/8Uo60b3P3eVza/bOk1vy3aGI=
@size 683327
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-codec-http2-4.2.7.Final.jar
@sha yYJUmD3/qcYrzLDjljjhE4/rTde0bnpmPnkPagcKkwY=
@size 501115
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-codec-socks-4.2.7.Final.jar
@sha peJF+5A4VE0qm8jbhu/YGapq2zvjJXqHna++G/eO/zM=
@size 132169
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-common-4.2.7.Final.jar
@sha I0W8DtWEP6V6pJ66Z1KUhcOh1CD88EKTJMgiDHqA6aY=
@size 789111
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-handler-4.2.7.Final.jar
@sha IdBjQJwS287EbTgMiFag97altou18dAF6wZbTWQUbLM=
@size 581349
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-handler-proxy-4.2.7.Final.jar
@sha ijH1RgmSVqW5NlIToalQzH/SzrmCesY+BQYhbfb6cvY=
@size 27162
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-resolver-4.2.7.Final.jar
@sha fk1WmGfmwIQ3+yGiIOoBwpSw448BFJtoPIlaG82ShDg=
@size 38454
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-transport-4.2.7.Final.jar
@sha qtxvsFwU+3iTaMo/hUchVJxy9sDYF5i7zPneG7cWiSs=
@size 562559
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/netty-transport-native-unix-common-4.2.7.Final.jar
@sha c2cDs/bRJ+GC9b6Ii24VcysMCNZjTgByU1KmqdGZdLI=
@size 46861
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/objenesis-3.0.1.jar
@sha eo/3gLn/SEFdfHBfYAMLCsqmFuf4I8mO7eO2NQjU6YQ=
@size 60966
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/opensearch-performance-analyzer-3.4.0.0.jar
@sha HfUKT/+spxrQNNIp3WSlQIIEWKkQzq5cXUfbGNp0ptU=
@size 206084
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/performance-analyzer-commons-2.0.0.jar
@sha 2L20lWBZUqzpo8CS4IkvG9HnwN6tpY4FlHU1bteFaso=
@size 341945
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/plugin-descriptor.properties
@sha MlY0dMPcgvC8Ypi2AH8VXYhXMBhet7vXJl2r4MCOa+8=
@size 1950
@ts 1768594067
opensearch/plugins/opensearch-performance-analyzer/plugin-security.policy
@sha Lbfz+2V4nMKIwQHyVXYaoVsp3IoTf8W9sqbZZ+JCjcA=
@size 1360
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/
opensearch/plugins/opensearch-reports-scheduler/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/gson-2.8.9.jar
@sha 05mSkYVd5JXJTHQ3YbirUXbP6r4oGlqw2OjUUyb9cD4=
@size 258075
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/json-20231013.jar
@sha DxgZLfKJEU4XqhoNCn+DcsyfXH5Pfjmtz4kG/nFPp9M=
@size 74702
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/json-base-2.2.1.jar
@sha BA7cVbpuQJsPNuHxS6Rl+rC+/i5Q4CkWl480pW/xZ/s=
@size 30216
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/json-flattener-0.15.1.jar
@sha dNWzrle7JYSmsGs3cMs/drRDSgYD93r6N2gJxD6f2LU=
@size 34337
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/jsoup-1.15.3.jar
@sha 4gpeeLE3LypOYggy20RC1Qd+XL3igLJMZmo3cIRJmbw=
@size 438018
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/kotlin-stdlib-2.2.0.jar
@sha ZdEthaO4ZcFg25FHhRcSpksQ2t1osi7qIqlb+KhnDco=
@size 1750373
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/kotlin-test-2.2.0.jar
@sha jbF1o/Vs8Tnr34k28pPOWmSha1KgQIgE4OwHfohI6zI=
@size 102405
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/kotlinx-coroutines-core-jvm-1.3.9.jar
@sha ZTj0WEc6QrbiqSZ28A1w1PoPaugk0TweMcgFHBltIzU=
@size 1668476
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/opensearch-reports-scheduler-3.4.0.0.jar
@sha ORYyvsHZHE5p8UW0Us9gjahEskcan0ZCCIGw9eCo+LM=
@size 297163
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/plugin-descriptor.properties
@sha LxqavknolEtl31teFh4773uTe3gVL3DV9Fch7e/Zoy0=
@size 1966
@ts 1768594067
opensearch/plugins/opensearch-reports-scheduler/plugin-security.policy
@sha TffcL7H1gZX1udvt57CP1sfdCb3wIjbeX+LZx9hltEE=
@size 411
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/
opensearch/plugins/opensearch-search-relevance/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/NOTICE.txt
@sha 1f7hvP6mYxcz6rOaTUtK9ix6F+IRZOa8wvdFGDK7B7M=
@size 72
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/common-utils-3.4.0.0.jar
@sha EaluPH7jkkdcfb7DZlVUkVrcBua+kn+YNFhESwDOKU0=
@size 878286
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/commons-math3-3.6.1.jar
@sha HlbXsFjSi2Wr0la4RY44hbZ0wdWI+kPNfRy7nH7yswg=
@size 2213560
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/commons-text-1.14.0.jar
@sha Eh/OIoKRDI8MO6eTpUNrMb63EEI8vi1XSj+3pzxQjpI=
@size 259876
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/gson-2.13.1.jar
@sha lIVZQtSZLxEpRtPeHDNOcJI3uBJtgTC/B4B8AYpKISA=
@size 286972
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/guava-33.4.8-jre.jar
@sha 89f1f2f9Yi9NRo391pKzpeOQkkbCgBesMmNAXw/mF+0=
@size 3023797
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/javassist-3.30.2-GA.jar
@sha 66NykJlLXkho86+Y/xE/YkSmsJk4XZrUaIEwfTywGq8=
@size 794714
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/json-20250517.jar
@sha PqYbKgbjHt8ckRNP6RBrDrsWYovhafPbdbx6Kwa0V5Y=
@size 82710
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/json-path-2.9.0.jar
@sha Eanub4i7MfFFAQjRz2RBN33shKygdetrsjQ74VdXW+o=
@size 276633
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/json-smart-2.5.2.jar
@sha T73tsBBc7cf3ZrlcKX0uiPtqVg2kjzu6oMxTjqi3v3E=
@size 122358
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/jtokkit-1.1.0.jar
@sha FQHOAlmriXxnRsz6+h0gis1AT7F+GsYuFXFy8meLEYM=
@size 3246331
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/opensearch-ml-client-3.4.0.0.jar
@sha wnxvNV7rAlCSD5p1M1NueszEgWXohxj1WhwH7NWgTtk=
@size 4467391
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/opensearch-search-relevance-3.4.0.0.jar
@sha azyNANT2iqAT7FTuJErjHzQfxPy3XO+QzjCIm8YOmeg=
@size 540073
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/plugin-descriptor.properties
@sha sOEU+XmUCNayaRUv4JPDPGfJ2Aq9NiHlZ0yQMXSr9wI=
@size 2025
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/plugin-security.policy
@sha CQrq8j+3ZRvJ0HWyl5DOoBMZsvfjzLH0/ssCDrymgxk=
@size 306
@ts 1768594067
opensearch/plugins/opensearch-search-relevance/reflections-0.9.12.jar
@sha 0Wj1jTLyrnrFqNXZCSre7lJsYEtBEl3LRe6od5YKmc8=
@size 105848
@ts 1768594067
opensearch/plugins/opensearch-security/
opensearch/plugins/opensearch-security-analytics/
opensearch/plugins/opensearch-security-analytics/accessors-smart-2.5.2.jar
@sha m4p7xDhh1hVsAhFm2UH7fd2+RGPi+l7ogHfksBRSqDY=
@size 30358
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/commons-csv-1.10.0.jar
@sha LQbmoHpja693etjmWSVvIRkQnd4jVRybgMVCLUJLgIw=
@size 54749
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/guava-32.1.3-jre.jar
@sha bU4rWhGKq2Lm5eKdGFoCJO7YLIXECsPTPPBKJww7N0Q=
@size 3043932
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/json-path-2.9.0.jar
@sha Eanub4i7MfFFAQjRz2RBN33shKygdetrsjQ74VdXW+o=
@size 276633
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/json-smart-2.5.2.jar
@sha T73tsBBc7cf3ZrlcKX0uiPtqVg2kjzu6oMxTjqi3v3E=
@size 122358
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/opensearch-security-analytics-3.4.0.0.jar
@sha L1UQtCnO/UU897THcwvGmI19RGcnh+ens2lqvUTWOnQ=
@size 1502027
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/plugin-descriptor.properties
@sha j4aD/a/LwLBJu1ae5ywTiw57JPFecQhiSRKHkHKa12w=
@size 1986
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/plugin-security.policy
@sha j6qSTfAut+9tAHX+TE2cyAGtieaGSWfv2z1svqqN1Xg=
@size 834
@ts 1768594067
opensearch/plugins/opensearch-security-analytics/security-analytics-commons-1.0.0.jar
@sha r38oRehPpOheucp5PQZinFXowt0TdPdcQNwwmEO8TbE=
@size 18503626
@ts 1768594067
opensearch/plugins/opensearch-security/accessors-smart-2.6.0.jar
@sha IiyfVHuyCpn8SGQDo5g1LRMG+2cbOKvX7KtkAd8XDmE=
@size 30245
@ts 1768594067
opensearch/plugins/opensearch-security/aggs-matrix-stats-client-3.4.0.jar
@sha rbAsuB0nU0MdoE1wQBjnHQCWsaXNaLIkq6Ch6qSfp64=
@size 62780
@ts 1768594067
opensearch/plugins/opensearch-security/asm-9.9.jar
@sha A9madK0e5ccTNO9nQ39O9P40iMqnyW2GRavHPI4gF9Q=
@size 126122
@ts 1768594067
opensearch/plugins/opensearch-security/bc-fips-2.1.2.jar
@sha BE/NiinSNu3qiltBRAbNrmO0dfmtnwX+LckEoneUERU=
@size 8608495
@ts 1768594067
opensearch/plugins/opensearch-security/bcpkix-fips-2.1.9.jar
@sha wxpK7toY+YsG3qtQ9sX6ly64dVXvE0Joviju2V+t7Oc=
@size 1024458
@ts 1768594067
opensearch/plugins/opensearch-security/bcutil-fips-2.1.4.jar
@sha 4WlRnmRB+xnKv2M9RPzvIRUGeT5b5JmskhVki9IGNOA=
@size 711149
@ts 1768594067
opensearch/plugins/opensearch-security/blake2b-2.0.0.jar
@sha kpmgAnKl51X6ZKEWcNHjzSvMY0p6uN4Yedpx5b+q8aA=
@size 13814
@ts 1768594067
opensearch/plugins/opensearch-security/checker-qual-3.52.0.jar
@sha C1uxpL3E5LEhdIL+WY78qrTh+6ezf5QSY5F4/IEW/AU=
@size 241628
@ts 1768594067
opensearch/plugins/opensearch-security/commons-cli-1.10.0.jar
@sha Gyc9khYLn6acPmU4mlxN7NLziml+RY5vdQgK4J6IZAQ=
@size 108170
@ts 1768594067
opensearch/plugins/opensearch-security/commons-codec-1.20.0.jar
@sha avZllfn2p7tYzmZRjWiI1AtUfDZtImLwZnbu4ZUo/2Y=
@size 401021
@ts 1768594067
opensearch/plugins/opensearch-security/commons-lang3-3.18.0.jar
@sha Tu6ujSDAeKu2SwFewVit04OsWBVxzdxFxo8MmuAjByA=
@size 702952
@ts 1768594067
opensearch/plugins/opensearch-security/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594067
opensearch/plugins/opensearch-security/commons-text-1.14.0.jar
@sha Eh/OIoKRDI8MO6eTpUNrMb63EEI8vi1XSj+3pzxQjpI=
@size 259876
@ts 1768594067
opensearch/plugins/opensearch-security/compiler-0.9.14.jar
@sha mafnhVYJE1AG8Hjm3n7mnarZxC+Y5nnVb4BlPLF1Jrk=
@size 116051
@ts 1768594067
opensearch/plugins/opensearch-security/cryptacular-1.2.7.jar
@sha /V5lXMSMLEVo2KQHcNwHRCMW1hvMHCTxmbhN7ufk9yc=
@size 184772
@ts 1768594067
opensearch/plugins/opensearch-security/eventbus-java-3.3.1.jar
@sha hfZCN4ol1eQaafi6bPsvvmdOQGtUN0A+n5VfeT1s2ZE=
@size 44118
@ts 1768594067
opensearch/plugins/opensearch-security/failureaccess-1.0.3.jar
@sha y/w5BrGbj1XdfP1t/gqkUy6DQlDX8IC9jSEaPiRrWcs=
@size 10763
@ts 1768594067
opensearch/plugins/opensearch-security/google-java-format-1.32.0.jar
@sha P349NW9Id1sWyoTv4TwiM6OCbBXzlOvI/71dRsX/zVM=
@size 280837
@ts 1768594067
opensearch/plugins/opensearch-security/guava-33.5.0-jre.jar
@sha HjAfDFKsJIsLFP3D0SKDx3JS1Nb0hSHVcufYxMLMSsc=
@size 3017283
@ts 1768594067
opensearch/plugins/opensearch-security/httpasyncclient-4.1.5.jar
@sha DBh3SJqdG6T6UPbPyrEdESNhiFjLMdVq+qta/dUGTZk=
@size 181512
@ts 1768594067
opensearch/plugins/opensearch-security/httpclient-4.5.14.jar
@sha yLx+HFGm1M5y9A0uu6vxxLaL/nbnMhBLBDgbSTR46dY=
@size 785639
@ts 1768594067
opensearch/plugins/opensearch-security/httpclient5-5.4.4.jar
@sha P4ZX6rkbdTPlzyMtTiaCU8T/n5nx5LzWeEFhi+1n8t4=
@size 911620
@ts 1768594067
opensearch/plugins/opensearch-security/httpclient5-cache-5.4.4.jar
@sha W2wPgKQeaR2b43Q9cte/VbICUsbW0LZxJ8SiTW8bz48=
@size 252634
@ts 1768594067
opensearch/plugins/opensearch-security/httpcore-4.4.16.jar
@sha bJs90UKgncRo4jrTmq1vdaDyuFElEERp8CblKkdORk8=
@size 327891
@ts 1768594067
opensearch/plugins/opensearch-security/httpcore5-5.3.4.jar
@sha 8rL9egFk6MMSDNhDe8n+pDkjnhZcFyYrPpB9qn6Xn4A=
@size 908601
@ts 1768594067
opensearch/plugins/opensearch-security/httpcore5-h2-5.3.4.jar
@sha H7TzTkthLnwSetaTM1WDWHhQsXzpscNm+d4cpJ/ix4E=
@size 241692
@ts 1768594067
opensearch/plugins/opensearch-security/httpcore5-reactive-5.3.4.jar
@sha EPMnrkhmgQW4kgX7AXf2ajMECwr0RVqmj/OD07p8DLU=
@size 20591
@ts 1768594067
opensearch/plugins/opensearch-security/ipaddress-5.5.1.jar
@sha XqReV9sMLWJBkqUEbO6kGwrK95t2ilShTIZ5G7ZFknA=
@size 927285
@ts 1768594067
opensearch/plugins/opensearch-security/istack-commons-runtime-4.2.0.jar
@sha IQJbeglu+T903mWcG+WZD6DCTlmg+YpwbjkucIhyX/Y=
@size 25789
@ts 1768594067
opensearch/plugins/opensearch-security/j2objc-annotations-3.1.jar
@sha hNOhUFGEhfgUDqmbiphWVnSWKfZDPJK4DHWzaro7CZs=
@size 16762
@ts 1768594067
opensearch/plugins/opensearch-security/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-security/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-security/jakarta.activation-1.2.2.jar
@sha AhVnc+SunQSNFKVq011kS+6fEFKnkdBy3z3tPGVubho=
@size 68453
@ts 1768594067
opensearch/plugins/opensearch-security/jakarta.xml.bind-api-4.0.4.jar
@sha xQfKaajG3RG/Sv7sng1BLE+jkz//sKhGgOpXJ+hHISQ=
@size 131188
@ts 1768594067
opensearch/plugins/opensearch-security/java-saml-2.9.0.jar
@sha 8uNpAsmjofJVoBD3kobz+FgDGDmoF/T/WUBoqJFxz8E=
@size 15413
@ts 1768594067
opensearch/plugins/opensearch-security/java-saml-core-2.9.0.jar
@sha QXNeIGPxxRHTQqq2E7IUTvt1jiNk7NkZO3Y5J0ooDyQ=
@size 141445
@ts 1768594067
opensearch/plugins/opensearch-security/jaxb-runtime-2.3.9.jar
@sha uojlvefA2HjD4fLsL8q69R0gHq+Ts7uc/s/B8RsjBNQ=
@size 1019097
@ts 1768594067
opensearch/plugins/opensearch-security/jjwt-api-0.13.0.jar
@sha WvipccchWstsNwh5SjkSxW63Bmyjse5z+HmIyeDWwGc=
@size 140754
@ts 1768594067
opensearch/plugins/opensearch-security/jjwt-impl-0.13.0.jar
@sha s1G6qjAoiaQW6DaD8RCUgBfO5nEwMmJSLUukd2iMqJ8=
@size 482009
@ts 1768594067
opensearch/plugins/opensearch-security/jjwt-jackson-0.13.0.jar
@sha 5cpDtJ3soa2BiyVy8K9NkCNwIFCJvc0V1du2CV0XQWs=
@size 9431
@ts 1768594067
opensearch/plugins/opensearch-security/kafka-clients-4.1.1.jar
@sha ACRxIqVyw9OuTrYKUBkqWBG8AYH1GSPRMBhgD4kugh0=
@size 9766726
@ts 1768594067
opensearch/plugins/opensearch-security/lang-mustache-client-3.4.0.jar
@sha UaOurK0k17KalnyIad5CvPtxmC8B44CIUVc+l43sfF0=
@size 66689
@ts 1768594067
opensearch/plugins/opensearch-security/ldaptive-1.2.3.jar
@sha aJnoVVni6+//iX4JfOiVyOfWBWs3vxYskyQqbhxQFTA=
@size 802456
@ts 1768594067
opensearch/plugins/opensearch-security/log4j-slf4j-impl-2.21.0.jar
@sha WLNXuKp4k8vt2XIB67/7pjYNh771hs9qWgw1F9XXUlc=
@size 24478
@ts 1768594067
opensearch/plugins/opensearch-security/lz4-java-1.10.1.jar
@sha pYqExCceUN9Mlu2RbMt+SKhp+O2c3Noa1dPUwzsCFKM=
@size 910232
@ts 1768594067
opensearch/plugins/opensearch-security/mapper-extras-client-3.4.0.jar
@sha b31OHxdWuvJTN4JIaaBT5hh04XzoGxdcDItxWA/fdf8=
@size 85807
@ts 1768594067
opensearch/plugins/opensearch-security/metrics-core-4.2.37.jar
@sha PHDRkEnRD0dKuANwa5wGd7z1/Z4a/rT2xJb2Ljiydng=
@size 131928
@ts 1768594067
opensearch/plugins/opensearch-security/minimal-json-0.9.5.jar
@sha af+ERj0dfMXP24uvK25fevFT01G/Db7ju8iRYkevrHQ=
@size 34221
@ts 1768594067
opensearch/plugins/opensearch-security/netty-buffer-4.2.7.Final.jar
@sha uBYTyO0iscw57M8qKL0MHUVh+y5eVCBhYX70zh0ii/U=
@size 373323
@ts 1768594067
opensearch/plugins/opensearch-security/netty-codec-4.2.7.Final.jar
@sha XzaWWDgXiZmMBCqY8C2nHZw5iEu7T3/VgoL3ZeCcoDE=
@size 3947
@ts 1768594067
opensearch/plugins/opensearch-security/netty-codec-base-4.2.7.Final.jar
@sha Y2BBW3yHFgr83l59SUbDVTm58EPoFmyRp//5XMYGfZ8=
@size 152980
@ts 1768594067
opensearch/plugins/opensearch-security/netty-codec-compression-4.2.7.Final.jar
@sha 7dU600mRgEMBpGVxET2P+01vZ+bYdGdNr7uRVyQnXLM=
@size 182886
@ts 1768594067
opensearch/plugins/opensearch-security/netty-codec-http-4.2.7.Final.jar
@sha KYTdOEIKYcTdaPysxR/8Uo60b3P3eVza/bOk1vy3aGI=
@size 683327
@ts 1768594067
opensearch/plugins/opensearch-security/netty-codec-http2-4.2.7.Final.jar
@sha yYJUmD3/qcYrzLDjljjhE4/rTde0bnpmPnkPagcKkwY=
@size 501115
@ts 1768594067
opensearch/plugins/opensearch-security/netty-common-4.2.7.Final.jar
@sha I0W8DtWEP6V6pJ66Z1KUhcOh1CD88EKTJMgiDHqA6aY=
@size 789111
@ts 1768594067
opensearch/plugins/opensearch-security/netty-handler-4.2.7.Final.jar
@sha IdBjQJwS287EbTgMiFag97altou18dAF6wZbTWQUbLM=
@size 581349
@ts 1768594067
opensearch/plugins/opensearch-security/netty-resolver-4.2.7.Final.jar
@sha fk1WmGfmwIQ3+yGiIOoBwpSw448BFJtoPIlaG82ShDg=
@size 38454
@ts 1768594067
opensearch/plugins/opensearch-security/netty-transport-4.2.7.Final.jar
@sha qtxvsFwU+3iTaMo/hUchVJxy9sDYF5i7zPneG7cWiSs=
@size 562559
@ts 1768594067
opensearch/plugins/opensearch-security/netty-transport-native-unix-common-4.2.7.Final.jar
@sha c2cDs/bRJ+GC9b6Ii24VcysMCNZjTgByU1KmqdGZdLI=
@size 46861
@ts 1768594067
opensearch/plugins/opensearch-security/nimbus-jose-jwt-10.6.jar
@sha fvOw3UonQHY51GnNded3BGO07jbiwTU1Rl2hddO4+WQ=
@size 811923
@ts 1768594067
opensearch/plugins/opensearch-security/opensaml-3.4.0.0-all.jar
@sha dRJyMrJyxrrgonAxuE54/rE/mWyQJWzHtsOqoHQQai0=
@size 4173531
@ts 1768594067
opensearch/plugins/opensearch-security/opensearch-rest-client-3.4.0.jar
@sha U0MBCalAXUrvDFY6H7z1tId84+fCBGam2/Y7C2z8vo0=
@size 90769
@ts 1768594067
opensearch/plugins/opensearch-security/opensearch-rest-high-level-client-3.4.0.jar
@sha WQCsXKYwSAcO1/RauSh12pRLhZD9aZTcHGzyWU4g+BE=
@size 314370
@ts 1768594067
opensearch/plugins/opensearch-security/opensearch-security-3.4.0.0.jar
@sha vF+ftaOnuvDeXEBOo2knVaht3+96T6YBERft62X3iKk=
@size 1725085
@ts 1768594067
opensearch/plugins/opensearch-security/opensearch-security-spi-3.4.0.0.jar
@sha ZO0IFUsc7K3ZqGwWMfJBDWvLcwDe1qBVlQ1mkwOkAQU=
@size 2626
@ts 1768594067
opensearch/plugins/opensearch-security/parent-join-client-3.4.0.jar
@sha D6m2Fe6ONYm73rAutrtD6zmKILMDGALS6WZ1z105Ir0=
@size 87959
@ts 1768594067
opensearch/plugins/opensearch-security/passay-1.6.6.jar
@sha hWpZ3/EqR0UwPYcM03TaTbdOHkk2YBBA8MIfZqVgf6g=
@size 136559
@ts 1768594067
opensearch/plugins/opensearch-security/password4j-1.8.3.jar
@sha DpSMEe3APVJGSOPGKTaQrfLeq8jb1h77B20g2U4U6Z8=
@size 90002
@ts 1768594067
opensearch/plugins/opensearch-security/plugin-descriptor.properties
@sha ZkiF/uKOFlchI9ZLWzTs/gVd4JqlR4vDT/vYmUxMz7I=
@size 1990
@ts 1768594067
opensearch/plugins/opensearch-security/plugin-security.policy
@sha k69rYRIuo8gIbJz1QTtQQ5e+3PJDPF/qhDCL5oDfOxw=
@size 3702
@ts 1768594067
opensearch/plugins/opensearch-security/rank-eval-client-3.4.0.jar
@sha K3qE0Koucc23E+zEvpGLBSYBRrOjcAYWyt00fN9NC6A=
@size 82745
@ts 1768594067
opensearch/plugins/opensearch-security/scala-java8-compat_3-1.0.2.jar
@sha pFj0ORwUPicUB3rfdl+zlWAIFwFGs3EMhWuB7diu69I=
@size 858966
@ts 1768594067
opensearch/plugins/opensearch-security/slf4j-api-1.7.36.jar
@sha 0+9XXj5JeWeNwBvx3M5RAhSTtNEft/G+itmCh3wWocA=
@size 41125
@ts 1768594067
opensearch/plugins/opensearch-security/snappy-java-1.1.10.8.jar
@sha UEhdBgN/6j1uQMloOG/uymM4zJhy4lVJWT/z6zUs78w=
@size 2445419
@ts 1768594067
opensearch/plugins/opensearch-security/special-collections-complete-1.4.0.jar
@sha mUehu0wXR/VHqjuERZg031LPc65HdMzozj+k/sUaaPY=
@size 152047
@ts 1768594067
opensearch/plugins/opensearch-security/stax2-api-4.2.2.jar
@sha phxI1VPvrXi8Af/8SsUovruuZMuuwXCypeOc9h61Gr4=
@size 195922
@ts 1768594067
opensearch/plugins/opensearch-security/tools/
opensearch/plugins/opensearch-security/tools/SECURITY_ADMIN_TESTS.md
@sha bfuchXcD2mxfOeWpRXR0WJmFNU5j4u/xwC9rAL8NPq0=
@size 3875
@ts 1768594067
opensearch/plugins/opensearch-security/tools/audit_config_migrater.sh
@sha vW7akA7XWuTonkDCUMhdJXK8qPlsIXXeTPI4kptZw2A=
@size 1067
@ts 1768594067
opensearch/plugins/opensearch-security/tools/hash.sh
@sha Lm5eDWglDgkdzYHoMnHLqKIZavFfFpw+cOQP9T0Gyw4=
@size 1055
@ts 1768594067
opensearch/plugins/opensearch-security/tools/install_demo_configuration.sh
@sha Bk2krWn0W9iLgTEzIP4PSJRtoXERwvvCNI72rBPpjhs=
@size 2019
@ts 1768594067
opensearch/plugins/opensearch-security/tools/securityadmin.sh
@sha 72fW2Bw8aY9ibS5aPQjbX3NZQlREbjuCU3E/x8OagD4=
@size 1096
@ts 1768594067
opensearch/plugins/opensearch-security/transport-netty4-client-3.4.0.jar
@sha X1iDjYNlZilV/evLqOoxD4mdYU0/qm23srMtW3g46UU=
@size 111460
@ts 1768594067
opensearch/plugins/opensearch-security/txw2-2.3.9.jar
@sha lzAYuHr5Eez25thh3Q1qR35Niuaog+xdBz098TMLh/A=
@size 72007
@ts 1768594067
opensearch/plugins/opensearch-security/woodstox-core-6.7.0.jar
@sha gc3u9QVnc1van2tKq+DMCj9sBPFVaRkrxlBTk9JhLCU=
@size 1620573
@ts 1768594067
opensearch/plugins/opensearch-security/xmlschema-core-2.3.2.jar
@sha 727ifXvV//SVDGc3toJj7WPdCI+O1fBCRb5JpfagZZA=
@size 173687
@ts 1768594067
opensearch/plugins/opensearch-security/xmlsec-2.3.5.jar
@sha UzI+6Zuz7oSbUkkZPlC6KyvEtFzYpl9FC/ALiPg5oDM=
@size 1140679
@ts 1768594067
opensearch/plugins/opensearch-security/zjsonpatch-0.4.16.jar
@sha oE+ZfzBb8xtpcHamIn5GvmW5ycCOC4Jtk8CgkPni74k=
@size 34473
@ts 1768594067
opensearch/plugins/opensearch-security/zxcvbn-1.9.0.jar
@sha OO+uurCRROsfTUyf9lDnnfh1qNbEU5wQWweaYGu32zQ=
@size 503012
@ts 1768594067
opensearch/plugins/opensearch-skills/
opensearch/plugins/opensearch-skills/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594067
opensearch/plugins/opensearch-skills/NOTICE.txt
@sha k9s8Xio9uZeAvVRqYGSye4mYgJlfZIOuogcqPzfNtKA=
@size 371
@ts 1768594067
opensearch/plugins/opensearch-skills/antlr4-runtime-4.9.3.jar
@sha ExpllJabxPMh1lLqKjO8DjeMoxJoXvh3kbLGCynQHqU=
@size 336742
@ts 1768594067
opensearch/plugins/opensearch-skills/jackson-module-scala_3-2.18.2.jar
@sha or7Nru6JXfUHA2YUSp5G0QbyWN+mf70bhiydXOQhTpM=
@size 714672
@ts 1768594067
opensearch/plugins/opensearch-skills/json4s-ast_2.13-3.7.0-M11.jar
@sha xpS2DHfdyeM6hJ8Vb/Jax3wFKmTVzOX9GAwsFg16ySM=
@size 91558
@ts 1768594067
opensearch/plugins/opensearch-skills/json4s-core_2.13-3.7.0-M11.jar
@sha s9sJzYt47vkjusTBya+15WHjiNfjsxtB9+QJWcHFw5o=
@size 530321
@ts 1768594067
opensearch/plugins/opensearch-skills/json4s-jackson_2.13-3.7.0-M11.jar
@sha ytAgdp211affW8oQMDA9aamGxxQlDHHo7CnX8YWDmFI=
@size 37085
@ts 1768594067
opensearch/plugins/opensearch-skills/jsoup-1.19.1.jar
@sha e4UOsA8vd/YGo0Oy5O/+QQfzwfqhg3Kdhfvha69gYJY=
@size 472999
@ts 1768594067
opensearch/plugins/opensearch-skills/opensearch-anomaly-detection-3.4.0.0.jar
@sha OmLkWPuK5p2CZ9xiXy76u9Bcje6jo2ghzwBqqL6U4bU=
@size 1623182
@ts 1768594067
opensearch/plugins/opensearch-skills/opensearch-skills-3.4.0.0.jar
@sha tnhX2psYRwzr9aK1Xq0qA6D73DehqKvrz/GoCDAIsDw=
@size 234433
@ts 1768594067
opensearch/plugins/opensearch-skills/opensearch-sql-thin-3.4.0.0.jar
@sha Kg2HEd0CCSg0nkc8P7LNLWKW91Gcq3V8e5O9+B9z7Sc=
@size 6150206
@ts 1768594067
opensearch/plugins/opensearch-skills/paranamer-2.8.jar
@sha aIyxGKYCHYGROOhVIIyVYDFoi+S0eiS7YVvsxjrO3wc=
@size 34654
@ts 1768594067
opensearch/plugins/opensearch-skills/plugin-descriptor.properties
@sha rEe7mIU3dg2Ze0Jz5wJCJEfwUoGW3ckWhW5XTtYWDc4=
@size 1899
@ts 1768594067
opensearch/plugins/opensearch-skills/plugin-security.policy
@sha lX2MOrwEwHZaRIGeG/MJqwXMwnvqjDd1jqRxpB+wisk=
@size 503
@ts 1768594067
opensearch/plugins/opensearch-skills/scala-library-2.13.9.jar
@sha MX4M2AqosM6emNFUBT2aD1rMY4VLaMpVItPgF8aNyOU=
@size 5939419
@ts 1768594067
opensearch/plugins/opensearch-skills/scala3-library_3-3.7.0-RC1-bin-20250119-bd699fc-NIGHTLY.jar
@sha 1MPMgU9PeIyBEgMLOB/nwmoRIKYlRiCWV8NWhL0nI0c=
@size 1262704
@ts 1768594067
opensearch/plugins/opensearch-skills/spark-common-utils_2.13-3.5.4.jar
@sha yWP+Wg0ol8m/f4hCnHnF5HzAq5M94BzorahndnD5KQ8=
@size 241630
@ts 1768594067
opensearch/plugins/opensearch-skills/spark-core_2.13-3.5.4.jar
@sha DtJRkMJ1MwAad4bRpxTitjpMqUpHdbOYUeVrlqA8fyo=
@size 13885492
@ts 1768594067
opensearch/plugins/opensearch-skills/spark-sql-api_2.13-3.5.4.jar
@sha 8IkthetjlMWYN9qF3CXb3Oxu3xxEx3r75cVd1RAP0vc=
@size 1807971
@ts 1768594067
opensearch/plugins/opensearch-sql/
opensearch/plugins/opensearch-sql/LICENSE.txt
@sha QwcOLU5TJoTeUhuIXzhdCEEDDvorGiC6+3YTOl4TecE=
@size 11356
@ts 1768594067
opensearch/plugins/opensearch-sql/NOTICE.txt
@sha 4FQMcUDztTQfCpHeT2ZhEPIInBFUEEln4BkYODvouy8=
@size 721
@ts 1768594067
opensearch/plugins/opensearch-sql/opensearch-sql-3.4.0.0.jar
@sha 67BNuGLvkCHmDlIWzauUuTo+HXA6LQKB6B11asje6TE=
@size 74896967
@ts 1768594067
opensearch/plugins/opensearch-sql/plugin-descriptor.properties
@sha vDRtaVW5W0ol3wDijrSbGZBTe+toqfeITMXiY0gp4KY=
@size 1908
@ts 1768594067
opensearch/plugins/opensearch-sql/plugin-security.policy
@sha NDfFksZWy7aYyA9WbWQGANextZDVHuoQOuQ//kPue1k=
@size 1195
@ts 1768594067
opensearch/plugins/opensearch-system-templates/
opensearch/plugins/opensearch-system-templates/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594067
opensearch/plugins/opensearch-system-templates/NOTICE.txt
@sha UG/9QmwGPKPsr9fb1dlCw/9+svZ+akDRi4MpIbu/Qrk=
@size 71
@ts 1768594067
opensearch/plugins/opensearch-system-templates/opensearch-system-templates-3.4.0.0.jar
@sha vDTPE0ifp+vh0fDRXDX5aL+pvfZ+Vm1PLk6+3wFJuGg=
@size 24598
@ts 1768594067
opensearch/plugins/opensearch-system-templates/plugin-descriptor.properties
@sha D/zZl/XvsPCgrG4fIN8WeTTMlislfIRJ1OEpC0YvEbA=
@size 2021
@ts 1768594067
opensearch/plugins/opensearch-ubi/
opensearch/plugins/opensearch-ubi/LICENSE.txt
@sha CeipvOyAZxBGUsFoaFqwkx54aPnIKEtm9a5u2uXxEws=
@size 10142
@ts 1768594067
opensearch/plugins/opensearch-ubi/NOTICE.txt
@sha QJxqFVBNjbdEsZOSP/CbwIDoODOSVMlJpglSNweNEGo=
@size 55324
@ts 1768594067
opensearch/plugins/opensearch-ubi/commons-logging-1.3.5.jar
@sha bXp0TkAnZJ+7UIld+Ul9EJ+Yx2amNwYv6NLqu7MUC6Q=
@size 73737
@ts 1768594067
opensearch/plugins/opensearch-ubi/httpclient-4.5.14.jar
@sha yLx+HFGm1M5y9A0uu6vxxLaL/nbnMhBLBDgbSTR46dY=
@size 785639
@ts 1768594067
opensearch/plugins/opensearch-ubi/httpcore-4.4.16.jar
@sha bJs90UKgncRo4jrTmq1vdaDyuFElEERp8CblKkdORk8=
@size 327891
@ts 1768594067
opensearch/plugins/opensearch-ubi/jackson-annotations-2.18.2.jar
@sha WBvWEADvdkiUP3gcoFaJ5W0D9gUnSDZajis6m10/oy8=
@size 78494
@ts 1768594067
opensearch/plugins/opensearch-ubi/jackson-databind-2.18.2.jar
@sha SzZOaFDciRcvzx1N0muP9UiO2kT/RlfiLdJlID3Vqzw=
@size 1658755
@ts 1768594067
opensearch/plugins/opensearch-ubi/opensearch-ubi-3.4.0.0.jar
@sha DQEbMYVXrdh4ZYiQlfCgYeQSt7zMepVq0E/87P39P64=
@size 31311
@ts 1768594067
opensearch/plugins/opensearch-ubi/plugin-descriptor.properties
@sha 3k8OYcJ+G2qg4r1THOTgXuMhVkg7u9kKFCto35cySgk=
@size 1903
@ts 1768594067
opensearch/plugins/query-insights/
opensearch/plugins/query-insights/NOTICE.txt
@sha 39fJyTD8RIQNy1mgxYTmUY9PfI65A4c7OnUXNELpDRQ=
@size 69
@ts 1768594067
opensearch/plugins/query-insights/plugin-descriptor.properties
@sha 9U3TuCqEEyIPwmWrbbhU9LXlA0RTt5F6qLpVGG3d5ro=
@size 1917
@ts 1768594067
opensearch/plugins/query-insights/query-insights-3.4.0.0.jar
@sha 0bE6yPXyWVi/hu4XG4Wm8wCls67TMnmHY3/gpyhQvxo=
@size 180121
@ts 1768594067
share/doc/opensearch/
share/doc/opensearch/LICENSE.txt
@sha z8d0m5b2O9McPEK1xHG/dWgUBT6EfBDz6wA0F7xSPTA=
@size 11358
@ts 1768594067
share/doc/opensearch/NOTICE.txt
@sha kanQQeLj3pfrDqUsKzI+stvjR2PlFmQ064u3PPNoeV8=
@size 409103
@ts 1768594067
share/doc/opensearch/README.md
@sha NkVJW8xSKPihPho9m7Z2327hiVztyV/kFzocFrJKUT0=
@size 2920
@ts 1768594067
share/doc/pkg-readmes/opensearch
@sha pHMaOa6mmQzWVA8elmPu2PZtnXQa3u+Kd8grbd5XXiU=
@size 3141
@ts 1768594068
share/examples/login.conf.d/opensearch
@sha ++jHk1hYG6V/KxeSJeeXaU3rSYZtjSGkmfV2pljAteM=
@size 46
@ts 1768594068
@sample /etc/login.conf.d/opensearch
share/examples/opensearch/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/
@mode
@owner
@group
share/examples/opensearch/fips_java.security
@sha 0IcB813URVkMiKZyTmyxb02dhaito+WrZsMcM6OF4xI=
@size 558
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/fips_java.security
@mode
@owner
@group
share/examples/opensearch/jvm.options
@sha MoZJhKhzLhtx8FOYwGmegA3Lusy5wzy3E3qZ+VzPPLE=
@size 3224
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/jvm.options
@mode
@owner
@group
share/examples/opensearch/jvm.options.d/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/jvm.options.d/
@mode
@owner
@group
share/examples/opensearch/log4j2.properties
@sha ZXWN3d3n/ENDfG5EbIsycCqEdT9HlSdlCu4zebzVoCE=
@size 17919
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/log4j2.properties
@mode
@owner
@group
share/examples/opensearch/opensearch-notifications/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-notifications/
@mode
@owner
@group
share/examples/opensearch/opensearch-notifications-core/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-notifications-core/
@mode
@owner
@group
share/examples/opensearch/opensearch-notifications-core/notifications-core.yml
@sha GBPDR21yyLDPcDAtNzIzCEXni1eULucUt38ODHzTXso=
@size 550
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-notifications-core/notifications-core.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-notifications/notifications.yml
@sha +jcHnUBBII0qAa0MvW5b1h42EWWL8+CBbFEBGkdsvHM=
@size 407
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-notifications/notifications.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-observability/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-observability/
@mode
@owner
@group
share/examples/opensearch/opensearch-observability/observability.yml
@sha zNoYvab3euwfpRryvRfBzH+VqAzXp79VhsvtHHwEYl8=
@size 1349
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-observability/observability.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-reports-scheduler/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-reports-scheduler/
@mode
@owner
@group
share/examples/opensearch/opensearch-reports-scheduler/reports-scheduler.yml
@sha EVO+DxDcYGjjZf3XPBePjSad6j0o7gwS82jbOd/K97A=
@size 297
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-reports-scheduler/reports-scheduler.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/
@mode 0770
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/
@mode
@owner
@group
share/examples/opensearch/opensearch-security/action_groups.yml
@sha U065btIrYKPe/GFoyvPG8BcZEPLZUCcM2b3wiqiH6ng=
@size 50
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/action_groups.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/allowlist.yml
@sha HxVUTfukDxgd1OfMFr9R4i4PRRjIVywpyn8hpo58hJM=
@size 1973
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/allowlist.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/audit.yml
@sha ju37XlBKs+lizEhE34OsqMND8qrkx0QKO8JXSf6jJpE=
@size 2541
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/audit.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/config.yml
@sha VQdomA+O79Fjl4eOvhczyX9YpzZc4j00VlU+3sbJ5v4=
@size 10379
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/config.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/internal_users.yml
@sha mncuoZDnzDBb7MtGzFui7H0d0sA3iRZMAK89lCYh6ko=
@size 1689
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/internal_users.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/nodes_dn.yml
@sha 2qOeAnfbfv8Uvx92L9mNWwF1iJR/XBv1cG8Tw5jGVMA=
@size 154
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/nodes_dn.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/opensearch.yml.example
@sha NkdrlOHV39UyjsoC9AQ8N9ynZbm4CVuDdgg+9DtDbxw=
@size 12381
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/opensearch.yml.example
@mode
@owner
@group
share/examples/opensearch/opensearch-security/roles.yml
@sha 0TrXvW/+G9GAXz/chii/DIH1P1NGOe483o14iNVH2j0=
@size 19867
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/roles.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/roles_mapping.yml
@sha 1MBgKOAuX0cvyxetPMta5ocQ+CE7CGfo9K1iZLj5kr4=
@size 844
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/roles_mapping.yml
@mode
@owner
@group
share/examples/opensearch/opensearch-security/tenants.yml
@sha GSe8BgyyriGAU3XE1jPfalVvnGp7PgqOu3A1wxVAbwU=
@size 170
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch-security/tenants.yml
@mode
@owner
@group
share/examples/opensearch/opensearch.yml
@sha RuzqtCTV9Ejfzpm42NYPriluGhMxz8j9WmAYMmMvzDw=
@size 4397
@ts 1768594063
@mode 0660
@owner _opensearch
@group _opensearch
@sample /etc/opensearch/opensearch.yml
@mode 0770
@sample /var/opensearch/
@sample /var/log/opensearch/
@exec ln -s /usr/local/opensearch/opensearch-security-analytics /etc/opensearch/opensearch-security-analytics
