ading rdp dataset

patel-bhavin · patel-bhavin · commit 8937281457bc · 2026-03-25T12:26:45.000+05:30
diff --git a/datasets/cisco_secure_access/firewall/firewall.yml b/datasets/cisco_secure_access/firewall/firewall.yml
@@ -0,0 +1,13 @@
+author: Bhavin Patel, Splunk
+id: 1fc537db-5e0b-4a2e-a768-27e08eff0c70
+date: '2026-03-19'
+description: |
+ Generated datasets for Cisco Secure Access Firewall EventType by manual /atomic-red team simulations in a K8s cluster running Tetragon
+environment: custom
+directory: cisco_secure_access/firewall
+mitre_technique: []
+datasets:
+- name: firewall
+  path: /datasets/cisco_secure_access/firewall/rdp_brute_force.log
+  sourcetype: cisco:secure_access:firewall
+  source: cisco_secure_access:firewall
diff --git a/datasets/cisco_secure_access/firewall/rdp_brute_force.log b/datasets/cisco_secure_access/firewall/rdp_brute_force.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:82fc54be49df5a1635be5c8b101c56ae68347e0e7f91f8c39439e5b673030e88
+size 4605

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:82fc54be49df5a1635be5c8b101c56ae68347e0e7f91f8c39439e5b673030e88`
	`3`	`+size 4605`