valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7e742cc049
SigmaHQ/tools/config/sysmon.yml

9 lines
181 B
YAML
Raw Normal View History

Added: Sumo Logic CSE Rule Backend Updated: Mapping depence on logsource Azure Sentinel Query Backend MDATP: query with few logsources CROWDSTRIKE: fix generateMapItemTypedNode
2020-10-06 12:07:52 +00:00
title: Sysmon
order: 20
backends:
- sysmon
fieldmappings:
event_id: EventID
event_data.ParentImage: ParentImage
event_data.CommandLine: CommandLine
event_data.Image: Image
Reference in New Issue Copy Permalink