diff --git a/contentctl.yml b/contentctl.yml index 777310b82a..cff272dd6b 100644 --- a/contentctl.yml +++ b/contentctl.yml @@ -143,9 +143,9 @@ apps: - uid: 1876 title: Splunk Add-on for AWS appid: Splunk_TA_aws - version: 7.10.0 + version: 7.11.0 description: description of app - hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_7100.tgz + hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_7110.tgz - uid: 3088 title: Splunk Add-on for Google Cloud Platform appid: SPLUNK_ADD_ON_FOR_GOOGLE_CLOUD_PLATFORM diff --git a/data_sources/asl_aws_cloudtrail.yml b/data_sources/asl_aws_cloudtrail.yml index 533fa2aa1e..bb4324f26c 100644 --- a/data_sources/asl_aws_cloudtrail.yml +++ b/data_sources/asl_aws_cloudtrail.yml @@ -23,7 +23,7 @@ separator: api.operation supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 output_fields: - dest - user diff --git a/data_sources/aws_cloudfront.yml b/data_sources/aws_cloudfront.yml index 18022c8eda..d43b6ae8c4 100644 --- a/data_sources/aws_cloudfront.yml +++ b/data_sources/aws_cloudfront.yml @@ -17,7 +17,7 @@ sourcetype: aws:cloudfront:accesslogs supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail.yml b/data_sources/aws_cloudtrail.yml index 406ed9e6d6..b33bf24ee5 100644 --- a/data_sources/aws_cloudtrail.yml +++ b/data_sources/aws_cloudtrail.yml @@ -10,4 +10,4 @@ separator: eventName supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 diff --git a/data_sources/aws_cloudtrail_assumerolewithsaml.yml b/data_sources/aws_cloudtrail_assumerolewithsaml.yml index b09d375653..98759f58e5 100644 --- a/data_sources/aws_cloudtrail_assumerolewithsaml.yml +++ b/data_sources/aws_cloudtrail_assumerolewithsaml.yml @@ -18,7 +18,7 @@ separator_value: AssumeRoleWithSAML supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_consolelogin.yml b/data_sources/aws_cloudtrail_consolelogin.yml index 494e5ae5e2..191f0e8f53 100644 --- a/data_sources/aws_cloudtrail_consolelogin.yml +++ b/data_sources/aws_cloudtrail_consolelogin.yml @@ -18,7 +18,7 @@ separator_value: ConsoleLogin supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_copyobject.yml b/data_sources/aws_cloudtrail_copyobject.yml index ed52b0bef2..8bde3d0c94 100644 --- a/data_sources/aws_cloudtrail_copyobject.yml +++ b/data_sources/aws_cloudtrail_copyobject.yml @@ -17,7 +17,7 @@ separator_value: CopyObject supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - additionalEventData.AuthenticationMethod diff --git a/data_sources/aws_cloudtrail_createaccesskey.yml b/data_sources/aws_cloudtrail_createaccesskey.yml index 849f508d7a..d6103f7417 100644 --- a/data_sources/aws_cloudtrail_createaccesskey.yml +++ b/data_sources/aws_cloudtrail_createaccesskey.yml @@ -17,7 +17,7 @@ separator_value: CreateAccessKey supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_createkey.yml b/data_sources/aws_cloudtrail_createkey.yml index 5e6d8817cb..77f4033612 100644 --- a/data_sources/aws_cloudtrail_createkey.yml +++ b/data_sources/aws_cloudtrail_createkey.yml @@ -17,7 +17,7 @@ separator_value: CreateKey supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_createloginprofile.yml b/data_sources/aws_cloudtrail_createloginprofile.yml index cda00b9ad8..3b5b0f5f6c 100644 --- a/data_sources/aws_cloudtrail_createloginprofile.yml +++ b/data_sources/aws_cloudtrail_createloginprofile.yml @@ -17,7 +17,7 @@ separator_value: CreateLoginProfile supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_createnetworkaclentry.yml b/data_sources/aws_cloudtrail_createnetworkaclentry.yml index 962525f27c..32bbdfe35c 100644 --- a/data_sources/aws_cloudtrail_createnetworkaclentry.yml +++ b/data_sources/aws_cloudtrail_createnetworkaclentry.yml @@ -17,7 +17,7 @@ separator_value: CreateNetworkAclEntry supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_createpolicyversion.yml b/data_sources/aws_cloudtrail_createpolicyversion.yml index 5190b773cb..cff1c696dc 100644 --- a/data_sources/aws_cloudtrail_createpolicyversion.yml +++ b/data_sources/aws_cloudtrail_createpolicyversion.yml @@ -17,7 +17,7 @@ separator_value: CreatePolicyVersion supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_createsnapshot.yml b/data_sources/aws_cloudtrail_createsnapshot.yml index d97be79381..36bd8d9fd2 100644 --- a/data_sources/aws_cloudtrail_createsnapshot.yml +++ b/data_sources/aws_cloudtrail_createsnapshot.yml @@ -17,7 +17,7 @@ separator_value: CreateSnapshot supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_createtask.yml b/data_sources/aws_cloudtrail_createtask.yml index 5fa4e6b24f..fec4ffdefc 100644 --- a/data_sources/aws_cloudtrail_createtask.yml +++ b/data_sources/aws_cloudtrail_createtask.yml @@ -17,7 +17,7 @@ separator_value: CreateTask supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml index e2c5e32a53..700e754906 100644 --- a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml +++ b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml @@ -17,7 +17,7 @@ separator_value: CreateVirtualMFADevice supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deactivatemfadevice.yml b/data_sources/aws_cloudtrail_deactivatemfadevice.yml index 1a9f53f98c..f2bc50603b 100644 --- a/data_sources/aws_cloudtrail_deactivatemfadevice.yml +++ b/data_sources/aws_cloudtrail_deactivatemfadevice.yml @@ -17,7 +17,7 @@ separator_value: DeactivateMFADevice supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml index 97144b65e7..8df5bf8c78 100644 --- a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml +++ b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml @@ -15,7 +15,7 @@ separator_value: DeleteAccountPasswordPolicy supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletealarms.yml b/data_sources/aws_cloudtrail_deletealarms.yml index bceb6c2747..9d0ff1600a 100644 --- a/data_sources/aws_cloudtrail_deletealarms.yml +++ b/data_sources/aws_cloudtrail_deletealarms.yml @@ -17,7 +17,7 @@ separator_value: DeleteAlarms supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletedetector.yml b/data_sources/aws_cloudtrail_deletedetector.yml index 432aefe7db..5a2cdaf36c 100644 --- a/data_sources/aws_cloudtrail_deletedetector.yml +++ b/data_sources/aws_cloudtrail_deletedetector.yml @@ -17,7 +17,7 @@ separator_value: DeleteDetector supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_deletegroup.yml b/data_sources/aws_cloudtrail_deletegroup.yml index b22e668e7f..b6624cea96 100644 --- a/data_sources/aws_cloudtrail_deletegroup.yml +++ b/data_sources/aws_cloudtrail_deletegroup.yml @@ -17,7 +17,7 @@ separator_value: DeleteGroup supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deleteguardrail.yml b/data_sources/aws_cloudtrail_deleteguardrail.yml index b456fd9141..ca0c189ad4 100644 --- a/data_sources/aws_cloudtrail_deleteguardrail.yml +++ b/data_sources/aws_cloudtrail_deleteguardrail.yml @@ -13,7 +13,7 @@ separator_value: DeleteGuardrail supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deleteipset.yml b/data_sources/aws_cloudtrail_deleteipset.yml index 65a1f1e113..d663f0c417 100644 --- a/data_sources/aws_cloudtrail_deleteipset.yml +++ b/data_sources/aws_cloudtrail_deleteipset.yml @@ -16,7 +16,7 @@ separator_value: DeleteIPSet supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_deleteknowledgebase.yml b/data_sources/aws_cloudtrail_deleteknowledgebase.yml index 0346fb743b..b300a73280 100644 --- a/data_sources/aws_cloudtrail_deleteknowledgebase.yml +++ b/data_sources/aws_cloudtrail_deleteknowledgebase.yml @@ -13,7 +13,7 @@ separator_value: DeleteKnowledgeBase supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deleteloggingconfiguration.yml b/data_sources/aws_cloudtrail_deleteloggingconfiguration.yml index 674c2904bd..ca5f2cae12 100644 --- a/data_sources/aws_cloudtrail_deleteloggingconfiguration.yml +++ b/data_sources/aws_cloudtrail_deleteloggingconfiguration.yml @@ -10,7 +10,7 @@ separator: eventName supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time example_log: '' diff --git a/data_sources/aws_cloudtrail_deleteloggroup.yml b/data_sources/aws_cloudtrail_deleteloggroup.yml index aff4e36193..e95ae6cc6e 100644 --- a/data_sources/aws_cloudtrail_deleteloggroup.yml +++ b/data_sources/aws_cloudtrail_deleteloggroup.yml @@ -17,7 +17,7 @@ separator_value: DeleteLogGroup supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - apiVersion diff --git a/data_sources/aws_cloudtrail_deletelogstream.yml b/data_sources/aws_cloudtrail_deletelogstream.yml index cb7f445dc5..79800c5bc6 100644 --- a/data_sources/aws_cloudtrail_deletelogstream.yml +++ b/data_sources/aws_cloudtrail_deletelogstream.yml @@ -17,7 +17,7 @@ separator_value: DeleteLogStream supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - apiVersion diff --git a/data_sources/aws_cloudtrail_deletemodelinvocationloggingconfiguration.yml b/data_sources/aws_cloudtrail_deletemodelinvocationloggingconfiguration.yml index 5c49a57e2e..fff73851f0 100644 --- a/data_sources/aws_cloudtrail_deletemodelinvocationloggingconfiguration.yml +++ b/data_sources/aws_cloudtrail_deletemodelinvocationloggingconfiguration.yml @@ -14,7 +14,7 @@ separator_value: DeleteModelInvocationLoggingConfiguration supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml index 73e3dc5600..c370577de2 100644 --- a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml +++ b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml @@ -16,7 +16,7 @@ separator_value: DeleteNetworkAclEntry supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletepolicy.yml b/data_sources/aws_cloudtrail_deletepolicy.yml index 66b37130f9..5fa0d00fbc 100644 --- a/data_sources/aws_cloudtrail_deletepolicy.yml +++ b/data_sources/aws_cloudtrail_deletepolicy.yml @@ -15,7 +15,7 @@ separator_value: DeletePolicy supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deleterule.yml b/data_sources/aws_cloudtrail_deleterule.yml index 9721d37eff..f042a012c1 100644 --- a/data_sources/aws_cloudtrail_deleterule.yml +++ b/data_sources/aws_cloudtrail_deleterule.yml @@ -17,7 +17,7 @@ separator_value: DeleteRule supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - apiVersion diff --git a/data_sources/aws_cloudtrail_deleterulegroup.yml b/data_sources/aws_cloudtrail_deleterulegroup.yml index 7ed729c811..cd8d1aaad5 100644 --- a/data_sources/aws_cloudtrail_deleterulegroup.yml +++ b/data_sources/aws_cloudtrail_deleterulegroup.yml @@ -10,7 +10,7 @@ separator: eventName supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time example_log: '' diff --git a/data_sources/aws_cloudtrail_deletesnapshot.yml b/data_sources/aws_cloudtrail_deletesnapshot.yml index 153709d9d6..b892915728 100644 --- a/data_sources/aws_cloudtrail_deletesnapshot.yml +++ b/data_sources/aws_cloudtrail_deletesnapshot.yml @@ -17,7 +17,7 @@ separator_value: DeleteSnapshot supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletetrail.yml b/data_sources/aws_cloudtrail_deletetrail.yml index e0fa27c973..2089fefb11 100644 --- a/data_sources/aws_cloudtrail_deletetrail.yml +++ b/data_sources/aws_cloudtrail_deletetrail.yml @@ -17,7 +17,7 @@ separator_value: DeleteTrail supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml index cdde432ed6..0b9c95953b 100644 --- a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml +++ b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml @@ -15,7 +15,7 @@ separator_value: DeleteVirtualMFADevice supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_deletewebacl.yml b/data_sources/aws_cloudtrail_deletewebacl.yml index 215fb1482d..9a2fd4f3ec 100644 --- a/data_sources/aws_cloudtrail_deletewebacl.yml +++ b/data_sources/aws_cloudtrail_deletewebacl.yml @@ -15,7 +15,7 @@ separator_value: DeleteWebACL supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - apiVersion diff --git a/data_sources/aws_cloudtrail_describeeventaggregates.yml b/data_sources/aws_cloudtrail_describeeventaggregates.yml index 823807ca16..3664b4301c 100644 --- a/data_sources/aws_cloudtrail_describeeventaggregates.yml +++ b/data_sources/aws_cloudtrail_describeeventaggregates.yml @@ -15,7 +15,7 @@ separator_value: DescribeEventAggregates supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_describeimagescanfindings.yml b/data_sources/aws_cloudtrail_describeimagescanfindings.yml index d3060806ca..3400093588 100644 --- a/data_sources/aws_cloudtrail_describeimagescanfindings.yml +++ b/data_sources/aws_cloudtrail_describeimagescanfindings.yml @@ -16,7 +16,7 @@ separator_value: DescribeImageScanFindings supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_describesnapshotattribute.yml b/data_sources/aws_cloudtrail_describesnapshotattribute.yml index 46b893b72d..4008f9a3e5 100644 --- a/data_sources/aws_cloudtrail_describesnapshotattribute.yml +++ b/data_sources/aws_cloudtrail_describesnapshotattribute.yml @@ -10,7 +10,7 @@ separator: eventName supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - action - app diff --git a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml index 0a55d62de7..976f5b48db 100644 --- a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml +++ b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml @@ -15,7 +15,7 @@ separator_value: GetAccountPasswordPolicy supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_getobject.yml b/data_sources/aws_cloudtrail_getobject.yml index 0d508ca669..fc81d85ade 100644 --- a/data_sources/aws_cloudtrail_getobject.yml +++ b/data_sources/aws_cloudtrail_getobject.yml @@ -16,7 +16,7 @@ separator_value: GetObject supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - additionalEventData.AuthenticationMethod diff --git a/data_sources/aws_cloudtrail_getpassworddata.yml b/data_sources/aws_cloudtrail_getpassworddata.yml index e031bc7f0a..ef38ee3110 100644 --- a/data_sources/aws_cloudtrail_getpassworddata.yml +++ b/data_sources/aws_cloudtrail_getpassworddata.yml @@ -15,7 +15,7 @@ separator_value: GetPasswordData supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_invokemodel.yml b/data_sources/aws_cloudtrail_invokemodel.yml index d3de24b5f6..bf1f93d57e 100644 --- a/data_sources/aws_cloudtrail_invokemodel.yml +++ b/data_sources/aws_cloudtrail_invokemodel.yml @@ -13,7 +13,7 @@ separator_value: InvokeModel supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_jobcreated.yml b/data_sources/aws_cloudtrail_jobcreated.yml index a08881a9a4..8593885177 100644 --- a/data_sources/aws_cloudtrail_jobcreated.yml +++ b/data_sources/aws_cloudtrail_jobcreated.yml @@ -14,7 +14,7 @@ separator_value: JobCreated supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_listfoundationmodels.yml b/data_sources/aws_cloudtrail_listfoundationmodels.yml index 9fe65382a8..b98bd993da 100644 --- a/data_sources/aws_cloudtrail_listfoundationmodels.yml +++ b/data_sources/aws_cloudtrail_listfoundationmodels.yml @@ -14,7 +14,7 @@ separator_value: ListFoundationModels supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_modifydbinstance.yml b/data_sources/aws_cloudtrail_modifydbinstance.yml index 5ce95d51f3..d58556749c 100644 --- a/data_sources/aws_cloudtrail_modifydbinstance.yml +++ b/data_sources/aws_cloudtrail_modifydbinstance.yml @@ -16,7 +16,7 @@ separator_value: ModifyDBInstance supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_modifyimageattribute.yml b/data_sources/aws_cloudtrail_modifyimageattribute.yml index c5109f25fb..472768d7c1 100644 --- a/data_sources/aws_cloudtrail_modifyimageattribute.yml +++ b/data_sources/aws_cloudtrail_modifyimageattribute.yml @@ -15,7 +15,7 @@ separator_value: ModifyImageAttribute supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml index 86e54f2e5b..9362228f2b 100644 --- a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml +++ b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml @@ -14,7 +14,7 @@ separator_value: ModifySnapshotAttribute supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_putbucketacl.yml b/data_sources/aws_cloudtrail_putbucketacl.yml index 089c963090..bd560a8a68 100644 --- a/data_sources/aws_cloudtrail_putbucketacl.yml +++ b/data_sources/aws_cloudtrail_putbucketacl.yml @@ -15,7 +15,7 @@ separator_value: PutBucketAcl supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_putbucketlifecycle.yml b/data_sources/aws_cloudtrail_putbucketlifecycle.yml index 08f666740c..f9ec4743f1 100644 --- a/data_sources/aws_cloudtrail_putbucketlifecycle.yml +++ b/data_sources/aws_cloudtrail_putbucketlifecycle.yml @@ -15,7 +15,7 @@ separator_value: PutBucketLifecycle supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - additionalEventData.AuthenticationMethod diff --git a/data_sources/aws_cloudtrail_putbucketreplication.yml b/data_sources/aws_cloudtrail_putbucketreplication.yml index 2cd72119a5..bad8b16e5b 100644 --- a/data_sources/aws_cloudtrail_putbucketreplication.yml +++ b/data_sources/aws_cloudtrail_putbucketreplication.yml @@ -14,7 +14,7 @@ separator_value: PutBucketReplication supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - additionalEventData.AuthenticationMethod diff --git a/data_sources/aws_cloudtrail_putbucketversioning.yml b/data_sources/aws_cloudtrail_putbucketversioning.yml index 3b4a351478..7102a965c7 100644 --- a/data_sources/aws_cloudtrail_putbucketversioning.yml +++ b/data_sources/aws_cloudtrail_putbucketversioning.yml @@ -14,7 +14,7 @@ separator_value: PutBucketVersioning supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - additionalEventData.AuthenticationMethod diff --git a/data_sources/aws_cloudtrail_putimage.yml b/data_sources/aws_cloudtrail_putimage.yml index 061c2b6755..8fadbb3c45 100644 --- a/data_sources/aws_cloudtrail_putimage.yml +++ b/data_sources/aws_cloudtrail_putimage.yml @@ -15,7 +15,7 @@ separator_value: PutImage supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_putkeypolicy.yml b/data_sources/aws_cloudtrail_putkeypolicy.yml index 213a7af6bb..58c4565737 100644 --- a/data_sources/aws_cloudtrail_putkeypolicy.yml +++ b/data_sources/aws_cloudtrail_putkeypolicy.yml @@ -11,7 +11,7 @@ separator: eventName supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml index ab15689f19..a41415a4d0 100644 --- a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml +++ b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml @@ -14,7 +14,7 @@ separator_value: ReplaceNetworkAclEntry supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml index 560b72c8ce..d23063911e 100644 --- a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml +++ b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml @@ -15,7 +15,7 @@ separator_value: SetDefaultPolicyVersion supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_stoplogging.yml b/data_sources/aws_cloudtrail_stoplogging.yml index 0a4d2d1e2d..20eea3e2cf 100644 --- a/data_sources/aws_cloudtrail_stoplogging.yml +++ b/data_sources/aws_cloudtrail_stoplogging.yml @@ -14,7 +14,7 @@ separator_value: StopLogging supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml index 79c2631387..04ced13847 100644 --- a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml +++ b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml @@ -14,7 +14,7 @@ separator_value: UpdateAccountPasswordPolicy supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_updateloginprofile.yml b/data_sources/aws_cloudtrail_updateloginprofile.yml index 12bb93924e..64115cda43 100644 --- a/data_sources/aws_cloudtrail_updateloginprofile.yml +++ b/data_sources/aws_cloudtrail_updateloginprofile.yml @@ -14,7 +14,7 @@ separator_value: UpdateLoginProfile supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_updatesamlprovider.yml b/data_sources/aws_cloudtrail_updatesamlprovider.yml index 888cf56f7f..cff9fdc6e3 100644 --- a/data_sources/aws_cloudtrail_updatesamlprovider.yml +++ b/data_sources/aws_cloudtrail_updatesamlprovider.yml @@ -15,7 +15,7 @@ separator_value: UpdateSAMLProvider supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - action diff --git a/data_sources/aws_cloudtrail_updatetrail.yml b/data_sources/aws_cloudtrail_updatetrail.yml index bd2f863799..5936758d9c 100644 --- a/data_sources/aws_cloudtrail_updatetrail.yml +++ b/data_sources/aws_cloudtrail_updatetrail.yml @@ -15,7 +15,7 @@ separator_value: UpdateTrail supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - app diff --git a/data_sources/aws_cloudwatchlogs_vpcflow.yml b/data_sources/aws_cloudwatchlogs_vpcflow.yml index a065b7ab3c..d09bf49e16 100644 --- a/data_sources/aws_cloudwatchlogs_vpcflow.yml +++ b/data_sources/aws_cloudwatchlogs_vpcflow.yml @@ -13,7 +13,7 @@ source: aws_cloudwatchlogs_vpcflow sourcetype: aws:cloudwatchlogs:vpcflow supported_TA: - name: Splunk Add-on for AWS - version: 7.10.0 + version: 7.11.0 url: https://splunkbase.splunk.com/app/1876 fields: - _raw diff --git a/data_sources/aws_security_hub.yml b/data_sources/aws_security_hub.yml index c3a0d339ed..dc57550d33 100644 --- a/data_sources/aws_security_hub.yml +++ b/data_sources/aws_security_hub.yml @@ -15,7 +15,7 @@ sourcetype: aws:securityhub:finding supported_TA: - name: Splunk Add-on for AWS url: https://splunkbase.splunk.com/app/1876 - version: 7.10.0 + version: 7.11.0 fields: - _time - AwsAccountId