Skip to content

Commit e39cedc

Browse files
rm-socprimerm-socprime
committed
anomali linux added
1 parent 30d852c commit e39cedc

File tree

2 files changed

+37
-0
lines changed

2 files changed

+37
-0
lines changed

uncoder-core/app/translator/mappings/platforms/anomali/linux_network_connection.yml

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
platform: Anomali
2+
source: linux_network_connection
3+
4+
5+
log_source:
6+
product: [linux]
7+
category: [network_connection]
8+
9+
default_log_source:
10+
product: linux
11+
category: network_connection
12+
13+
field_mapping:
14+
Image: image
15+
DestinationHostname: dest
16+
DestinationIp: dest_ip
17+
DestinationPort: dest_port
18+
SourceIp: src_ip
19+
SourcePort: src_port
20+
#Initiated: Initiated

uncoder-core/app/translator/mappings/platforms/anomali/linux_process_creation.yml

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
platform: Anomali
2+
source: linux_process_creation
3+
4+
5+
log_source:
6+
product: [linux]
7+
category: [process_creation]
8+
9+
default_log_source:
10+
product: linux
11+
category: process_creation
12+
13+
field_mapping:
14+
CommandLine: command_line
15+
Image: image
16+
ParentCommandLine: parent_command_line
17+
ParentImage: parent_image

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy