Skip to content

Commit 8d4f8d4

Browse files
spsocprimespsocprime
committed
upd fields
1 parent 3169751 commit 8d4f8d4

File tree

5 files changed

+17
-5
lines changed

5 files changed

+17
-5
lines changed

uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/dns.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,4 +10,5 @@ field_mapping:
1010
#dns-record: dns-record
1111
dns_query_name: xdm.network.dns.dns_question.name
1212
QueryName: xdm.network.dns.dns_question.name
13-
query: xdm.network.dns.dns_question.name
13+
query: xdm.network.dns.dns_question.name
14+
dns-record-type: xdm.network.dns.dns_question.type

uncoder-core/app/translator/mappings/platforms/qradar/default.yml

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,9 @@ field_mapping:
3535
- userName
3636
- EventUserName
3737
CommandLine: Command
38-
Protocol: IPProtocol
38+
Protocol:
39+
- IPProtocol
40+
- protocol
3941
Application:
4042
- Application
4143
- application
@@ -61,6 +63,7 @@ field_mapping:
6163
SourceMAC:
6264
- SourceMAC
6365
- MAC
66+
- sourceMAC
6467
DestinationMAC: DestinationMAC
6568
SourceOS:
6669
- SourceOS
@@ -69,4 +72,7 @@ field_mapping:
6972
TargetUserName: DestinationUserName
7073
SourceUserName: SourceUserName
7174
url_category: XForceCategoryByURL
72-
EventSeverity: EventSeverity
75+
EventSeverity: EventSeverity
76+
Source:
77+
- Source
78+
- source

uncoder-core/app/translator/mappings/platforms/qradar/dns.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,4 +12,5 @@ field_mapping:
1212
dns-query: URL
1313
parent-domain: parent-domain
1414
dns-answer: dns-answer
15-
dns-record: URL
15+
dns-record: URL
16+
dns-record-type: DNSRecordType

uncoder-core/app/translator/mappings/platforms/qradar/proxy.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ field_mapping:
2424
cs-host:
2525
- UrlHost
2626
- URL Host
27+
- URL Domain
2728
cs-referrer:
2829
- URL Referrer
2930
- Referrer URL

uncoder-core/app/translator/mappings/platforms/qradar/windows_security.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,9 @@ field_mapping:
4141
LinkName: LinkName
4242
MemberName: MemberName
4343
MemberSid: MemberSid
44-
NewProcessName: Process Name
44+
NewProcessName:
45+
- Process Name
46+
- New Process Name
4547
ObjectClass: ObjectClass
4648
ObjectName:
4749
- Object Name
@@ -122,6 +124,7 @@ field_mapping:
122124
ServiceFileName:
123125
- Service Filename
124126
- ServiceFileName
127+
- Service File Name
125128
SecurityDescriptor: SecurityDescriptor
126129
ServiceName: Service Name
127130
ShareName:

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy