Skip to content

Commit

Permalink
Remove Snowflake.Stream.AttemptedLoginByDisabledUser and assc. query (#…
Browse files Browse the repository at this point in the history 
…1444)
  • Loading branch information
@ben-githubs
ben-githubs authored Dec 9, 2024
1 parent 5f0db64 commit f8f7890
Show file tree
Hide file tree
Showing 5 changed files with 3 additions and 80 deletions.
4 changes: 3 additions & 1 deletion deprecated.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,4 +34,6 @@ Okta.GeographicallyImprobableAccess
Okta.BruteForceLogins
Query.Snowflake.PublicRoleGrant
Snowflake.PublicRoleGrant
GCP.K8S.Pot.Create.Or.Modify.Host.Path.Volume.Mount
GCP.K8S.Pot.Create.Or.Modify.Host.Path.Volume.Mount
Snowflake Attempted Login With Disabled User
Snowflake.Stream.AttemptedLoginByDisabledUser
2 changes: 0 additions & 2 deletions packs/snowflake_streaming.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,11 @@ PackDefinition:
# Helpers
- panther_snowflake_helpers
# Queries
- Snowflake Attempted Login With Disabled User
- Snowflake User Daily Query Volume Spike
- Snowflake User Daily Query Volume Spike - Threat Hunting
- Suspicious Snowflake Sessions - Unusual Application
# Rules
- Snowflake.Stream.AccountAdminGranted
- Snowflake.Stream.AttemptedLoginByDisabledUser
- Snowflake.Stream.BruteForceByIp
- Snowflake.Stream.BruteForceByUsername
- Snowflake.Stream.ExternalShares
Expand Down
12 changes: 0 additions & 12 deletions queries/snowflake_queries/snowflake_attempted_login_by_disabled_user.py
View file

This file was deleted.

42 changes: 0 additions & 42 deletions queries/snowflake_queries/snowflake_attempted_login_by_disabled_user.yml
View file

This file was deleted.

23 changes: 0 additions & 23 deletions queries/snowflake_queries/snowflake_attempted_login_by_disabled_user_query.yml
View file

This file was deleted.

0 comments on commit f8f7890

Please sign in to comment.