From e62a23690d93db3ddccdafb9f38649b8fdeb0f0d Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Tue, 31 May 2022 20:13:08 +0530 Subject: [PATCH] Added positive matcher to avoid false positive result. (#4517) --- file/audit/cisco/configure-aaa-service.yaml | 4 ++++ file/audit/cisco/configure-service-timestamps-debug.yaml | 4 ++++ .../audit/cisco/configure-service-timestamps-logmessages.yaml | 4 ++++ file/audit/cisco/disable-ip-source-route.yaml | 4 ++++ file/audit/cisco/disable-pad-service.yaml | 4 ++++ file/audit/cisco/enable-secret-for-password-user-and-.yaml | 4 ++++ file/audit/cisco/logging-enable.yaml | 4 ++++ file/audit/cisco/set-and-secure-passwords.yaml | 4 ++++ 8 files changed, 32 insertions(+) diff --git a/file/audit/cisco/configure-aaa-service.yaml b/file/audit/cisco/configure-aaa-service.yaml index 527fdfb7c7..2b1d96e41a 100644 --- a/file/audit/cisco/configure-aaa-service.yaml +++ b/file/audit/cisco/configure-aaa-service.yaml @@ -20,3 +20,7 @@ file: words: - "aaa new-model" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/configure-service-timestamps-debug.yaml b/file/audit/cisco/configure-service-timestamps-debug.yaml index bd1a8fd463..1b04235e7c 100644 --- a/file/audit/cisco/configure-service-timestamps-debug.yaml +++ b/file/audit/cisco/configure-service-timestamps-debug.yaml @@ -20,3 +20,7 @@ file: words: - "service timestamps debug datetime msec show-timezone localtime" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/configure-service-timestamps-logmessages.yaml b/file/audit/cisco/configure-service-timestamps-logmessages.yaml index f313898b8e..61c12cdcf4 100644 --- a/file/audit/cisco/configure-service-timestamps-logmessages.yaml +++ b/file/audit/cisco/configure-service-timestamps-logmessages.yaml @@ -20,3 +20,7 @@ file: words: - "service timestamps log datetime msec show-timezone localtime" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/disable-ip-source-route.yaml b/file/audit/cisco/disable-ip-source-route.yaml index 3ec035e2b0..e0937bccfd 100644 --- a/file/audit/cisco/disable-ip-source-route.yaml +++ b/file/audit/cisco/disable-ip-source-route.yaml @@ -20,3 +20,7 @@ file: words: - "no ip source-route" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/disable-pad-service.yaml b/file/audit/cisco/disable-pad-service.yaml index 6dab7228da..a3b355aed4 100644 --- a/file/audit/cisco/disable-pad-service.yaml +++ b/file/audit/cisco/disable-pad-service.yaml @@ -20,3 +20,7 @@ file: words: - "no service pad" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/enable-secret-for-password-user-and-.yaml b/file/audit/cisco/enable-secret-for-password-user-and-.yaml index 879f9894f7..1ef7e4512f 100644 --- a/file/audit/cisco/enable-secret-for-password-user-and-.yaml +++ b/file/audit/cisco/enable-secret-for-password-user-and-.yaml @@ -20,3 +20,7 @@ file: words: - "enable secret" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/logging-enable.yaml b/file/audit/cisco/logging-enable.yaml index 4c7f4a27bc..bcbf9c75d3 100644 --- a/file/audit/cisco/logging-enable.yaml +++ b/file/audit/cisco/logging-enable.yaml @@ -20,3 +20,7 @@ file: words: - "logging enable" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file diff --git a/file/audit/cisco/set-and-secure-passwords.yaml b/file/audit/cisco/set-and-secure-passwords.yaml index d432d234d2..275d70d9dd 100644 --- a/file/audit/cisco/set-and-secure-passwords.yaml +++ b/file/audit/cisco/set-and-secure-passwords.yaml @@ -20,3 +20,7 @@ file: words: - "service password-encryption" negative: true + + - type: word + words: + - "configure terminal" \ No newline at end of file