From 4654ed145988e1fb848f1e36d68eb4ce4e544588 Mon Sep 17 00:00:00 2001
From: Bhavin Patel
Date: Thu, 21 Aug 2025 10:06:26 -0700
Subject: [PATCH] updating snort data
---
.../static_tundra/static_tundra.log | 3 +++
.../static_tundra/static_tundra.yml | 12 ++++++++++++
2 files changed, 15 insertions(+)
create mode 100644 datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.log
create mode 100644 datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.yml
diff --git a/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.log b/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.log
new file mode 100644
index 00000000..bcbddd5e
--- /dev/null
+++ b/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:37e5b7a2f14d0784ac0005bb6a71f446952e5552599d98bc2d47fcc9830bd45c
+size 4766
diff --git a/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.yml b/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.yml
new file mode 100644
index 00000000..fba3bb39
--- /dev/null
+++ b/datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.yml
@@ -0,0 +1,12 @@
+author: Bhavin Patel, Michael Haag, Splunk
+id: 8d843885-584d-43ef-926c-03d04ec22639
+date: '2025-08-21'
+description: Synthetically generated datasets for testing Cisco Secure Firewall - Static Tundra Smart Install Abuse
+environment: manual simulations in a controlled lab environment
+mitre_technique:
+- T1190
+datasets:
+- name: static_tundra_snort_events
+ path: /datasets/cisco_secure_firewall_threat_defense/static_tundra/static_tundra.log
+ sourcetype: cisco:sfw:estreamer
+ source: cisco:sfw:estreamer
\ No newline at end of file
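Review bot: The new static_tundra.yml gives two provenance statements that do not obviously agree: `description` says the data is "Synthetically generated" while `environment` says "manual simulations in a controlled lab environment". Someone validating a detection against this dataset cannot tell whether the Snort events were hand-crafted or captured from a simulated run, so one of the two fields should be reworded to match the other, for example `environment: synthetic events generated in a controlled lab environment` if no traffic was actually replayed. The file also ends without a trailing newline (the `\ No newline at end of file` marker after `source: cisco:sfw:estreamer`), which is worth fixing before merge. The .log in this patch is only a Git LFS pointer, so the event contents cannot be checked from here.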