2 files changed, +17 -2 lines changed, in uncoder-core/app/translator/mappings/platforms
@@ -118,3 +118,7 @@ field_mapping:
118118 SubjectAccountName : xdm.source.user.username
119119 ComputerName : xdm.source.host.hostname
120120 ExternalSeverity : xdm.alert.severity
121+ SourceMAC : xdm.source.host.mac_addresses
122+ DestinationMAC : xdm.target.host.mac_addresses
123+ SourceOS : xdm.source.host.os
124+ DestinationOS : xdm.target.host.os
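Review bot: both MAC mappings in this hunk target fields with plural names (xdm.source.host.mac_addresses and xdm.target.host.mac_addresses), which suggests a multi-valued field, while SourceMAC and DestinationMAC in a rule carry a single value. Please confirm that the query rendered for this platform compares these two fields with a membership or contains style operator rather than plain equality, and that MAC values are normalized (separator and letter case) before comparison; otherwise a rule can translate cleanly and still never match. A short comment above the four new lines stating the expected value format would help whoever extends this mapping next.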
@@ -9,6 +9,7 @@ default_log_source:
99
1010field_mapping :
1111 icmp.type : IcmpType
12+ icmp.code : IcmpCode
1213 dst-port :
1314 - DstPort
1415 - DestinationPort
@@ -26,7 +27,9 @@ field_mapping:
2627 - destination_ip
2728 - destinationIP
2829 - destinationaddress
29- User : userName
30+ User :
31+ - userName
32+ - EventUserName
3033 CommandLine : Command
3134 Protocol : IPProtocol
3235 Application :
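Review bot: turning User from a single target (userName) into a list (userName, EventUserName) changes the rendered logic, not just the field name, and nothing in this hunk shows how negation is handled. A positive match on User should expand to an OR across both fields, but a negated match has to expand to an AND of the two negations; if it renders as an OR, exclusion filters on User stop excluding anything. Suggest adding a test rule with a negated User condition for this platform before merging.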
@@ -47,4 +50,12 @@ field_mapping:
4750 - dst-packets
4851 src-bytes : src-bytes
4952 dst-bytes : dst-bytes
50- ExternalSeverity : External Severity
53+ ExternalSeverity : External Severity
54+ SourceMAC :
55+ - SourceMAC
56+ - MAC
57+ DestinationMAC : DestinationMAC
58+ SourceOS :
59+ - SourceOS
60+ - OS
61+ DestinationOS : DestinationOS
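Review bot: the source-side entries fall back to direction-neutral fields (SourceMAC also maps to MAC, SourceOS also maps to OS) while DestinationMAC and DestinationOS map only to their own names, so the two sides are not symmetric. If MAC or OS can be populated from the destination host in some log sources, a rule written on SourceMAC or SourceOS will also match destination values and produce false positives; either drop the generic fallbacks or document why they are source-only. Separately, the ExternalSeverity line is removed and re-added with identical visible text, which looks like a whitespace or end-of-file newline change; worth checking that the new last line (DestinationOS) ends with a newline so the next append does not repeat this.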