Microsoft Advanced Threat Analytics 1.7 - 재정의 언어 팩

Microsoft.AdvancedThreatAnalytics.1_7.Overrides :: 1.9.2.0 (Management Pack)

Microsoft Advanced Threat Analytics 1.7용 관리 팩 - 재정의

요약

Advanced Threat Analytics 1.7용 재정의 관리 팩입니다. 이 관리 팩을 통해 보안 모니터링 규칙을 사용할 수 있습니다.

Management Pack Elements

Rule Property Overrides (21)

 IDContextTarget
Microsoft.AdvancedThreatAnalytics.1_7.Center.AbnormalBehaviorSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.AbnormalBehaviorSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.AbnormalBehaviorSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.AbnormalSmbSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.AbnormalSmbSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.AbnormalSmbSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.AccountEnumerationSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.AccountEnumerationSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.AccountEnumerationSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.BruteForceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.BruteForceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.BruteForceSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.ComputerPreauthenticationFailedSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.ComputerPreauthenticationFailedSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.ComputerPreauthenticationFailedSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.DirectoryServicesReplicationSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.DirectoryServicesReplicationSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.DirectoryServicesReplicationSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.DnsReconnaissanceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.DnsReconnaissanceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.DnsReconnaissanceSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_GoldenTicket.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_GoldenTicket.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_GoldenTicket
Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_OverpasstheHash.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_OverpasstheHash.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_OverpasstheHash
Microsoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_SkeletonKey.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_SkeletonKey.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.EncryptionDowngradeSuspiciousActivity_SkeletonKey
Microsoft.AdvancedThreatAnalytics.1_7.Center.EnumerateSessionsSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.EnumerateSessionsSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.EnumerateSessionsSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.ForgedPacSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.ForgedPacSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.ForgedPacSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.HoneytokenActivitySuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.HoneytokenActivitySuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.HoneytokenActivitySuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.LdapSimpleBindCleartextPasswordSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.LdapSimpleBindCleartextPasswordSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.LdapSimpleBindCleartextPasswordSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.MassiveObjectDeletionSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.MassiveObjectDeletionSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.MassiveObjectDeletionSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.PassTheHashSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.PassTheHashSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.PassTheHashSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.PassTheTicketSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.PassTheTicketSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.PassTheTicketSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.RemoteExecutionSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.RemoteExecutionSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.RemoteExecutionSuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.RetrieveDataProtectionBackupKeySuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.RetrieveDataProtectionBackupKeySuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.RetrieveDataProtectionBackupKeySuspiciousActivity
Microsoft.AdvancedThreatAnalytics.1_7.Center.SamrReconnaissanceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.Center.SamrReconnaissanceSuspiciousActivity.OverrideMicrosoft.AdvancedThreatAnalytics.1_7.CenterMicrosoft.AdvancedThreatAnalytics.1_7.Center.SamrReconnaissanceSuspiciousActivity