Oracle - Put suspicious file

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Detects PUT or POST of suspicious file

Attribute	Value
Type	Analytic Rule
Solution	OracleWebLogicServer
ID	edc2f2b4-573f-11ec-bf63-0242ac130002
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	InitialAccess, Exfiltration
Techniques	T1190, T1133, T1048
Required Connectors	CustomLogsAma
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
OracleWebLogicServer_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to OracleWebLogicServer