Commit c406408

committed
update cse render
1 parent 4abc013 commit c406408

41 files changed

+607
-18
lines changed
Lines changed: 20 additions & 0 deletions
@@ -0,0 +1,20 @@
1+
platform: Sumo Logic CSE
2+
source: aws_cloudtrail
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Amazon AWS]
7+
metadata_product: [CloudTrail]
8+
9+
default_log_source:
10+
metadata_vendor: Amazon AWS
11+
metadata_product: CloudTrail
12+
13+
field_mapping:
14+
eventSource: application
15+
eventName: action
16+
eventType: timestamp
17+
responseElements.ConsoleLogin: ssuccess
18+
userAgent: http_userAgent
19+
userIdentity.principalId: user_userId
20+
userIdentity.sessionContext.sessionIssuer.type: user_username
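Review bot: line 17 maps `responseElements.ConsoleLogin` to `ssuccess`, which looks like a typo for `success`; with the doubled "s", any rule that filters on the console login outcome will be rendered against a field name that matches nothing. Two more mappings in field_mapping deserve a second look. Line 16 maps `eventType` to `timestamp`, but CloudTrail carries the event time in `eventTime`, while `eventType` holds the kind of event. Line 20 maps `userIdentity.sessionContext.sessionIssuer.type` to `user_username`, so the issuer type rather than a name ends up in the username field. Please confirm both are intended, and replace the placeholder description on line 3.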
Lines changed: 9 additions & 0 deletions
@@ -0,0 +1,9 @@
1+
platform: Sumo Logic CSE
2+
source: aws_eks
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Amazon AWS]
7+
8+
default_log_source:
9+
metadata_vendor: Linux
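Review bot: the vendor under default_log_source on line 9 is `Linux`, while log_source on line 6 selects `[Amazon AWS]`, so the default does not match the file's own selector. If EKS audit records are meant to be tagged as AWS, line 9 should read `metadata_vendor: Amazon AWS`; if `Linux` is deliberate, a comment explaining why would help. The file also sets no metadata_product and has no field_mapping section, unlike the aws_cloudtrail mapping in this commit.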
Lines changed: 11 additions & 0 deletions
@@ -0,0 +1,11 @@
1+
platform: Sumo Logic CSE
2+
source: azure_AzureDiagnostics
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
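Review bot: the description on line 3, `description: Text that describe current mapping`, is still template text, and the same placeholder is repeated in every mapping file of this commit; please replace it with a sentence saying what this mapping covers. The source name on line 2 also mixes case (`azure_AzureDiagnostics`) where `azure_azureactivity` and `azure_signinlogs` are lowercase, which makes lookups by source name easy to get wrong. The file defines no field_mapping section; if that is intentional, say so in the description.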
Lines changed: 14 additions & 0 deletions
@@ -0,0 +1,14 @@
1+
platform: Sumo Logic CSE
2+
source: azure_BehaviorAnalytics
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
12+
13+
field_mapping:
14+
RiskDetail: riskDetail
Lines changed: 15 additions & 0 deletions
@@ -0,0 +1,15 @@
1+
platform: Sumo Logic CSE
2+
source: azure_aadnoninteractiveusersigninlogs
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
12+
13+
field_mapping:
14+
LoggedByService: cloud_service
15+
OperationName: description
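Review bot: the field_mapping on lines 13-15 covers only `LoggedByService` and `OperationName`, so this sign-in source maps no user, result or error fields. The azure_signinlogs file in the same commit maps `UserPrincipalName`, `ResultType`, `Status.errorCode` and `Status.failureReason`; rules that rely on those fields will not translate for non-interactive sign-ins unless the same entries are added here. Please either add them or note in the description why they are left out.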
Lines changed: 14 additions & 0 deletions
@@ -0,0 +1,14 @@
1+
platform: Sumo Logic CSE
2+
source: azure_azureactivity
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
12+
13+
field_mapping:
14+
OperationName: action
Lines changed: 15 additions & 0 deletions
@@ -0,0 +1,15 @@
1+
platform: Sumo Logic CSE
2+
source: azure_azuread
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
12+
13+
field_mapping:
14+
LoggedByService: cloud_service
15+
OperationName: description
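Review bot: line 15 maps `OperationName` to `description`, but the azure_azureactivity file in this commit maps the same field to `action`; one of the two is probably unintended, and a rule written against `OperationName` will land in different fields depending on the source. Please pick one target or document the difference. Apart from the source name, this file is also identical to the azure_aadnoninteractiveusersigninlogs mapping, which suggests it was copied without being adapted.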
Lines changed: 11 additions & 0 deletions
@@ -0,0 +1,11 @@
1+
platform: Sumo Logic CSE
2+
source: azure_m365
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
metadata_vendor: Microsoft
11+
metadata_product: Azure
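Review bot: the log_source on lines 5-7 (`metadata_vendor: [Microsoft]`, `metadata_product: [Azure]`) is identical to that of every other azure_* mapping in this commit, so nothing in the file distinguishes M365 events from the rest. If the source is chosen by vendor and product, this file needs a distinct product value; if it is chosen some other way, please document how. There is also no field_mapping section.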
Lines changed: 18 additions & 0 deletions
@@ -0,0 +1,18 @@
1+
platform: Sumo Logic CSE
2+
source: azure_signinlogs
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Microsoft]
7+
metadata_product: [Azure]
8+
9+
default_log_source:
10+
AppDisplayName: application
11+
AuthenticationRequirement: mfa
12+
Category: logonType
13+
ResourceIdentity: resource
14+
ResultDescription: description
15+
ResultType: normalizedCause
16+
Status.errorCode: errorCode
17+
Status.failureReason: errorText
18+
UserPrincipalName: user_username
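Review bot: there is no `field_mapping:` key in this file, so the nine field pairs on lines 10-18 (`AppDisplayName: application` through `UserPrincipalName: user_username`) sit directly under `default_log_source:` on line 9. They will be read as default log-source attributes rather than as field mappings, and the defaults themselves (`metadata_vendor: Microsoft`, `metadata_product: Azure` in the sibling files) are missing. Please restore the two default entries and insert a `field_mapping:` line before `AppDisplayName`.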
Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,16 @@
1+
platform: Sumo Logic CSE
2+
source: gcp_gcp.audit
3+
description: Text that describe current mapping
4+
5+
log_source:
6+
metadata_vendor: [Google]
7+
metadata_product: [Google Cloud Platform]
8+
9+
default_log_source:
10+
metadata_vendor: Google
11+
metadata_product: Google Cloud Platform
12+
13+
field_mapping:
14+
protoPayload.methodName: action
15+
protoPayload.serviceName: application
16+
serviceName: cloud_service
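Review bot: line 16 maps a bare `serviceName`, while lines 14-15 use the `protoPayload.` prefix, and line 15 already maps `protoPayload.serviceName` to `application`. If both keys refer to the same audit-log value, it ends up in two different target fields depending on how the rule spells it; if they are different fields, a comment saying so would prevent a later "cleanup" from merging them. Please confirm which is intended and replace the placeholder description on line 3.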
