From a6745c1f2df9f34a3d5a38c56a16bb3cd5286a45 Mon Sep 17 00:00:00 2001
From: Doug Erkkila
Date: Fri, 1 Jul 2022 10:43:57 -0400
Subject: [PATCH 1/3] Update eventtypes.conf Missed Branch eventtype
---
 github_app_for_splunk/default/eventtypes.conf | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/github_app_for_splunk/default/eventtypes.conf b/github_app_for_splunk/default/eventtypes.conf
index acdd685..3193074 100644
--- a/github_app_for_splunk/default/eventtypes.conf
+++ b/github_app_for_splunk/default/eventtypes.conf
@@ -1,3 +1,6 @@
+[GitHub::Branch]
+search = `github_webhooks` ref_type=branch
+
 [GitHub::Change]
 search = `github_source` action=* sourcetype="github:enterprise:audit" OR sourcetype="github_audit"
 
From 6095e0ef6bd05cb1b74f00dfae724a506ebdbd0e Mon Sep 17 00:00:00 2001
From: Doug Erkkila
Date: Wed, 6 Jul 2022 10:16:29 -0400
Subject: [PATCH 2/3] Support for macro distribution Testing macro distribution
---
 github_app_for_splunk/default/distsearch.conf | 2 ++
 github_app_for_splunk/metadata/default.meta | 5 +++++
 2 files changed, 7 insertions(+)
 create mode 100644 github_app_for_splunk/default/distsearch.conf
diff --git a/github_app_for_splunk/default/distsearch.conf b/github_app_for_splunk/default/distsearch.conf
new file mode 100644
index 0000000..8683077
--- /dev/null
+++ b/github_app_for_splunk/default/distsearch.conf
@@ -0,0 +1,2 @@
+[replicationSettings:refineConf]
+replicate.macros = true
diff --git a/github_app_for_splunk/metadata/default.meta b/github_app_for_splunk/metadata/default.meta
index b77b8cb..b408019 100644
--- a/github_app_for_splunk/metadata/default.meta
+++ b/github_app_for_splunk/metadata/default.meta
@@ -33,3 +33,8 @@ export = system
 [viewstates]
 access = read : [ * ], write : [ * ]
 export = system
+
+### MACROS
+
+[macros]
+export = system
From 46721d2e2b417b41f53d2e2943bc13aba8b8072e Mon Sep 17 00:00:00 2001
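Review bot: The new `[GitHub::Branch]` stanza in eventtypes.conf selects on `ref_type=branch` alone, and as far as GitHub's webhook documentation describes, that field is sent on both branch-creation and branch-deletion deliveries, so the eventtype cannot tell the two apart. For audit use that difference matters, because a deleted branch and a new branch call for different follow-up. A comment above the stanza would make the scope explicit, for example `# matches both create and delete deliveries for branches`. Whether the indexed events carry a field that separates them is not visible in this patch.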
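Review bot: `replicate.macros = true` is added to the app's `default/distsearch.conf` with no comment, while the commit message describes it as testing macro distribution. To my knowledge distsearch.conf settings are not scoped to the app that carries them, so installing the app may change macro replication for the whole search head; please confirm that is intended before it leaves testing. If it stays, a comment above the stanza would record the reason, for example `# needed so search peers receive this app's macros (github_webhooks, github_source)`.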
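Review bot: The new `[macros]` stanza in default.meta sets `export = system` but has no `access` line, unlike the `[viewstates]` stanza just above it in the hunk, so who may edit the exported macros depends on a default stanza that lies outside this hunk. `github_webhooks` and `github_source` decide which events every eventtype in this app matches, so any role that can rewrite them can change what those eventtypes and the searches built on them see. I would pin the permissions explicitly, for example `access = read : [ * ], write : [ admin ]`. Exporting globally also places these macro names in every app's namespace, so a check for same-named macros elsewhere on the deployment is worthwhile.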
From: Doug Erkkila
Date: Thu, 7 Jul 2022 16:38:36 -0400
Subject: [PATCH 3/3] Update eventtypes.conf Fixed Workflow eventtype and added Workflow::Job eventtype
---
 github_app_for_splunk/default/eventtypes.conf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/github_app_for_splunk/default/eventtypes.conf b/github_app_for_splunk/default/eventtypes.conf
index 3193074..08ab58f 100644
--- a/github_app_for_splunk/default/eventtypes.conf
+++ b/github_app_for_splunk/default/eventtypes.conf
@@ -50,7 +50,10 @@ search = `github_webhooks` action IN ("created", "resolved") "alert.secret_type"
 search = `github_webhooks` action IN ("create", "dismiss", "resolve") "alert.external_identifier"=*
 
 [GitHub::Workflow]
-search = `github_webhooks` action IN ("queued","created","in_progress","completed") workflow_job.id=*
+search = `github_webhooks` workflow.id=* action IN("requested","completed")
+
+[GitHub::Workflow::Job]
+search = `github_webhooks` workflow_job.id=* action IN("queued","in_progress","completed")
 
 [github:enterprise:authentication]
 search = `github_source` sourcetype=GithubEnterpriseServerAuditLog app=* authentication_service=* signature=*
pFad - Phonifier reborn
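Review bot: Both rewritten searches keep a fixed `action IN(...)` list, so deliveries with any other action drop out of `[GitHub::Workflow]` and `[GitHub::Workflow::Job]` silently. GitHub's webhook documentation, as I read it today, also lists `in_progress` for workflow runs and `waiting` for workflow jobs; if the app should cover them, the clauses become `action IN ("requested","in_progress","completed")` and `action IN ("queued","waiting","in_progress","completed")`. The new lines write `IN(` without the space used by the context line above (`action IN (`); matching it keeps the file uniform. `[GitHub::Workflow]` now selects run events where it selected job events before, so any saved search or dashboard keyed on that eventtype (not visible in this patch) needs a check.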
