Skip to content

Add suppression tags #32687

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add suppression tags #32687

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 47 additions & 11 deletions content/en/api/v2/security-monitoring/examples.json
View file
Open in desktop

Large diffs are not rendered by default.

6 changes: 5 additions & 1 deletion content/en/api/v2/security-monitoring/request.CreateSecurityMonitoringSuppression.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,11 @@
"expiration_date": 1638443471000,
"name": "Example-Security-Monitoring",
"rule_query": "type:log_detection source:cloudtrail",
"suppression_query": "env:staging status:low"
"suppression_query": "env:staging status:low",
"tags": [
"technique:T1110-brute-force",
"source:cloudtrail"
]
},
"type": "suppressions"
}
Expand Down
24 changes: 24 additions & 0 deletions data/api/v2/full_spec.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47415,6 +47415,14 @@ components:
the queries to search signals in the signal explorer.
example: env:staging status:low
type: string
tags:
description: List of tags associated with the suppression rule.
example:
- technique:T1110-brute-force
- source:cloudtrail
items:
type: string
type: array
update_date:
description: A Unix millisecond timestamp given the update date of the suppression
rule.
Expand Down Expand Up @@ -47476,6 +47484,14 @@ components:
same syntax as the queries to search signals in the Signals Explorer.
example: env:staging status:low
type: string
tags:
description: List of tags associated with the suppression rule.
example:
- technique:T1110-brute-force
- source:cloudtrail
items:
type: string
type: array
required:
- name
- enabled
Expand Down Expand Up @@ -47571,6 +47587,14 @@ components:
the queries to search signals in the signal explorer.
example: env:staging status:low
type: string
tags:
description: List of tags associated with the suppression rule.
example:
- technique:T1110-brute-force
- source:cloudtrail
items:
type: string
type: array
version:
description: The current version of the suppression. This is optional, but
it can help prevent concurrent modifications.
Expand Down
Loading
Loading