Commit 41c0d42

Merge pull request #198 from UncoderIO/gis-improve_qradar_palo_alto_mapping
Gis improve qradar palo alto mapping
2 parents bf008fe + d69da7f commit 41c0d42

2 files changed

+5
-3
lines changed

uncoder-core/app/translator/mappings/platforms/qradar/default.yml

Lines changed: 4 additions & 2 deletions
@@ -14,6 +14,8 @@ field_mapping:
1414
- DstPort
1515
- DestinationPort
1616
- remoteport
17+
dst-hostname: DstHost
18+
src-hostname: SrcHost
1719
src-port:
1820
- SourcePort
1921
- localport
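
Review bot: The added `dst-hostname: DstHost` and `src-hostname: SrcHost` keys land in the QRadar default.yml, while the merge title scopes the change to Palo Alto. If DstHost and SrcHost are properties that exist only for Palo Alto log sources, a rule translated through this mapping for another log source would query a property that is not populated; confirm they are available across log sources or move them to a Palo Alto specific mapping. Each key also maps to a single name, whereas the neighbouring port keys list several variants (DstPort, DestinationPort, remoteport), so check whether other hostname property names need to be listed too.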
@@ -94,11 +96,11 @@ field_mapping:
9496
Action: Action
9597
Workstation: Machine Identifier
9698
GroupMembership: Role Name
97-
FileName:
99+
FileName:
98100
- Filename
99101
- File Name
100102
- Encoded Filename
101-
RegistryKey:
103+
RegistryKey:
102104
- Registry Key
103105
- Target Object
104106
RegistryValue: RegistryValue
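
Review bot: The removed and added `FileName:` and `RegistryKey:` lines read identically, so both changes look whitespace-only (most likely trailing spaces after the colon). That is reasonable cleanup, but it is unrelated to the hostname mapping and the commit message does not mention it; note it there, and consider a yamllint trailing-spaces check on the mappings directory so this kind of edit stops showing up as diff noise.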

uncoder-core/app/translator/mappings/platforms/qradar/windows_process_creation.yml

Lines changed: 1 addition & 1 deletion
@@ -24,7 +24,7 @@ field_mapping:
2424
- ProcessName
2525
IntegrityLevel: IntegrityLevel
2626
ParentCommandLine: Parent Command
27-
ParentImage:
27+
ParentImage:
2828
- Parent Process Path
2929
- ParentProcessName
3030
ParentUser: ParentUser
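
Review bot: `ParentImage:` is the only line touched in windows_process_creation.yml, and its old and new text are the same apart from whitespace, so this file carries no mapping change. Put it in a separate formatting commit so the Palo Alto mapping change stays limited to default.yml and is easier to audit or revert.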
