Products: OISF - Suricata IDS
| Rule ID | Rule Name |
|---|---|
| MATCH-S00209 | CVE-2021-44228 Log4j2 Java Library 0-Day Attempt |
| MATCH-S00513 | Critical Severity Intrusion Signature |
| MATCH-S00454 | Firewall Allowed SMB Traffic |
| FIRST-S00030 | First Seen Outbound Connection to External IP Address on Port 445 from IP Address |
| FIRST-S00025 | First Seen SMB Allowed Traffic From IP |
| MATCH-S00666 | High Severity Intrusion Signature |
| THRESHOLD-S00079 | Inbound Port Scan |
| THRESHOLD-S00081 | Internal Port Sweep |
| THRESHOLD-S00514 | Intrusion Scan - Targeted |
| THRESHOLD-S00515 | Intrusion Sweep |
| MATCH-S00667 | Medium Severity Intrusion Signature |
| MATCH-S00554 | Outbound IRC Traffic |
| THRESHOLD-S00048 | Outbound Traffic to Countries Outside the United States |
| MATCH-S00560 | SMTP Traffic from Non-SMTP Servers |
| LEGACY-S00093 | Script/CLI UserAgent string |
| LEGACY-S00182 | Suspicious HTTP User-Agent |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 0e22eac6-b12e-44b8-95d8-4c984cdb0ab4 | Suricata - JSON |
| 8d53d23e-ca67-477d-9e9e-697194abe6c9 | Suricata IDS |
| 55ad3632-1b1f-4326-a560-3c462835a38c | Suricata alerts |