Merge pull request #1132 from splunk/cs_update

ljstella · web-flow · commit de713ff27324 · 2026-02-06T11:09:12.000-05:00
Adding file for Bryan
diff --git a/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events_2.log b/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events_2.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fe76ce949b1c2fb84d397bbf698784c356da7134d3f0fc378bc2920528a0ea48
+size 77923
diff --git a/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events_old.yml b/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events_old.yml
@@ -1,11 +1,12 @@
 author: Bryan Pluta, Splunk
 id: ddc1277f-7cfb-47cd-80d2-a84dd4b873ac
-date: '2025-06-02'
+date: '2026-02-06'
 description: Generated datasets from a demo environment for Crowdstrike Event Stream Events.
 environment: NA
 dataset:
 - https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events.log
+- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/suspicious_behaviour/crowdstrike_stream/event_stream_events/stream_events_2.log
 sourcetypes:
 - 'CrowdStrike:Event:Streams:JSON'
 references:
-- https://www.crowdstrike.com/en-us/resources/guides/crowdstrike-falcon-event-streams-add-on-for-splunk-guide-v3/
+- https://www.crowdstrike.com/en-us/resources/guides/crowdstrike-falcon-event-streams-add-on-for-splunk-guide-v3/

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:fe76ce949b1c2fb84d397bbf698784c356da7134d3f0fc378bc2920528a0ea48`
	`3`	`+size 77923`