add salt logs (#1178)

nasbench · web-flow · commit 330e7fe2750f · 2026-06-02T12:33:16.000+01:00
diff --git a/datasets/emerging_threats/SaltTyphoon/salttyphoon.yml b/datasets/emerging_threats/SaltTyphoon/salttyphoon.yml
@@ -1,7 +1,7 @@
 author: Nasreddine Bencherchali, Splunk
 id: d403fecb-720c-48fb-9d1a-5671f0195513
 date: '2026-01-08'
-description: Generated datasets for Cisco IOS switch exploitation. Correlating Cisco Secure Firewall logs with Cisco IOS logs to detect SaltTyphoon activities.
+description: Generated datasets for Cisco IOS switch exploitation. Including correlation of Cisco Secure Firewall logs with Cisco IOS logs to detect SaltTyphoon activities, as well as standalone IOS XE logs.
 environment: NA
 directory: SaltTyphoon
 mitre_technique:
@@ -11,3 +11,7 @@ datasets:
   path: /datasets/emerging_threats/SaltTyphoon/salttyphoon_correlation.log
   sourcetype: stash
   source: not_applicable
+- name: salttyphoon_cisco
+  path: /datasets/emerging_threats/SaltTyphoon/salttyphoon_cisco.log
+  sourcetype: cisco:ios
+  source: not_applicable
diff --git a/datasets/emerging_threats/SaltTyphoon/salttyphoon_cisco.log b/datasets/emerging_threats/SaltTyphoon/salttyphoon_cisco.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1b15d16661c25e4d201cf671d65aa3b0c4595b96d8323d8bc156ef8dfc4e8c82
+size 10386

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+version https://git-lfs.github.com/spec/v1`
	`2`	`+oid sha256:1b15d16661c25e4d201cf671d65aa3b0c4595b96d8323d8bc156ef8dfc4e8c82`
	`3`	`+size 10386`