{"id":18374538,"url":"https://github.com/jupiterone/jupiterone-alert-rules","last_synced_at":"2025-06-17T02:35:39.578Z","repository":{"id":34645426,"uuid":"180574470","full_name":"JupiterOne/jupiterone-alert-rules","owner":"JupiterOne","description":"Alert rules for JupiterOne security auditing","archived":false,"fork":false,"pushed_at":"2024-12-16T23:52:12.000Z","size":463,"stargazers_count":13,"open_issues_count":6,"forks_count":7,"subscribers_count":18,"default_branch":"main","last_synced_at":"2024-12-17T00:55:30.256Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JupiterOne.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-04-10T12:13:54.000Z","updated_at":"2024-11-13T19:10:23.000Z","dependencies_parsed_at":"2023-02-16T12:31:27.846Z","dependency_job_id":"325bf7cb-e7a5-4b70-8069-2f3077ae19b7","html_url":"https://github.com/JupiterOne/jupiterone-alert-rules","commit_stats":{"total_commits":147,"total_committers":27,"mean_commits":5.444444444444445,"dds":0.5714285714285714,"last_synced_commit":"eadb52adc124358f2693d075ada4f07d1c923ffe"},"previous_names":[],"tags_count":39,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fjupiterone-alert-rules","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fjupiterone-alert-rules/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fjupit
erone-alert-rules/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JupiterOne%2Fjupiterone-alert-rules/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JupiterOne","download_url":"https://codeload.github.com/JupiterOne/jupiterone-alert-rules/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230374118,"owners_count":18216041,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T00:15:01.116Z","updated_at":"2024-12-19T04:06:45.634Z","avatar_url":"https://github.com/JupiterOne.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# JupiterOne Alert Rule Packs\n\nThis project contains default rule packs that can be provisioned to your\nJupiterOne account via the included CLI utility.\n\n## Contribution\n\nWhen making a pull request for this repo, please update the version property in the `package.json`.\nIf it is not updated, then the code will not get released.\n\nPatch version - x.x.1 - A patch version is used to make a quick fix, patch a security vulnerability, or do clean up.\nMinor version - x.1.x - A minor version is used to add/remove content\nMajor version - 1.x.x - A major version is used to introduce breaking changes\n\n## Rule Packs\n\n- `rule-packs/aws-config.json`\n\n  Alert rules for AWS configuration audit\n\n- `rule-packs/aws-threat.json`\n\n  Alert rules for AWS privilege escalation\n\n- `rule-packs/aws-privilege-escalation.json`\n\n  Alert rules for AWS threat monitoring\n\n- 
`rule-packs/gcp.json`\n\n  Alert rules for Google Cloud Platform\n\n- `rule-packs/azure-config.json`\n\n  Alert rules for Azure configuration audit\n\n- `rule-packs/azure.json`\n\n  Commonly used Azure alert rules\n\n- `rule-packs/gcp.json`\n\n  Commonly used GCP alert rules\n\n- `rule-packs/common-alerts.json`\n\n  Alert rules for GCP privilege escalation\n\n- `rule-packs/gcp-privelege-escalation.json`\n\n  Commonly used alert rules\n\n- `rule-packs/critical-assets.json`\n\n  Alert rules to monitor changes to and risks of critical assets\n\n- `rule-packs/devops.json`\n\n  Commonly used DevOps alert rules\n\n- `rule-packs/integration-monitoring.json`\n\n  Alert rules for monitoring integration status\n\nAll rules inherit the alert settings from `index.js`.\n\n## Provision Rules\n\nTo add these alert rules to your account via the CLI, you will need to install\nthe **JupiterOne CLI** from [npm][1] or download the source from [GitHub][2]:\n\n**Install J1 CLI**\n\n```bash\nnpm install @jupiterone/jupiterone-client-nodejs -g\n```\n\n**Provision Rule Pack**\n\n```bash\nj1 -a \u003cj1AccountId\u003e -u \u003cj1Username\u003e -o provision-alert-rule-pack --alert -f aws-config\n```\n\n[1]: https://www.npmjs.com/package/@jupiterone/jupiterone-client-nodejs\n[2]: https://github.com/JupiterOne/jupiterone-client-nodejs\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjupiterone%2Fjupiterone-alert-rules","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjupiterone%2Fjupiterone-alert-rules","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjupiterone%2Fjupiterone-alert-rules/lists"}