Merge pull request #91 from JupiterOne/KNO-256
added critical-assets-critical-alert rule
SeaBlooms authored Jan 23, 2024
2 parents 36eb129 + c66a7cc commit 091bd5d
Showing 2 changed files with 15 additions and 2 deletions.
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "@jupiterone/jupiterone-alert-rules",
"version": "0.21.0",
"version": "0.22.0",
"description": "Alert rule packages for the JupiterOne platform",
"repository": {
"type": "git",
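--- a/rule-packs/critical-assets.json
+++ b/rule-packs/critical-assets.json
@@ -8,7 +8,8 @@
 "query": "Find #CriticalAsset with _createdOn >= date.now-24hours",
 "version": "v1"
 }
-]
+],
+"alertLevel": "INFO"
 },
 {
 "name": "critical-assets-deleted",
@@ -34,5 +35,17 @@
 }
 ],
 "alertLevel": "CRITICAL"
+},
+{
+"name": "critical-assets-critical-alert",
+"description": "Find critical assets with a critical alert associated. These Detections, Problems, or Misconfigurations should be triaged and resolved as a priority.",
+"queries": [
+{
+"name": "query0",
+"query": "FIND #CriticalAsset THAT HAS Alert WITH level = 'CRITICAL' AND displayName != 'critical-assets-critical-alert'",
+"version": "v1"
+}
+],
+"alertLevel": "CRITICAL"
 }
 ]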
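Review bot: The self-exclusion in the new `critical-assets-critical-alert` query, `displayName != 'critical-assets-critical-alert'`, repeats the rule's own name as a string literal. If the rule is renamed, or deployed under another display name, the filter stops matching and the rule can match the CRITICAL alerts it raises itself, so it keeps re-firing. JSON has no comments, so the coupling is best recorded in the description, e.g. by appending `The query excludes alerts whose displayName equals this rule's name; keep the two in sync.` The description also promises Detections, Problems and Misconfigurations while the query traverses only to `Alert`. If those are modeled as other classes they are not covered, so either narrow the wording or widen the query.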
