valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1f707cb37c
SigmaHQ/tools/config/qualys.yml
nikotin d13e8d7bd3 Added ArcSight & Qualys backends
2018-06-07 16:18:23 +03:00

18 lines
395 B
YAML
Raw Blame History

fieldmappings:
dst:
- network.remote.address.ip
dst_ip:
- network.remote.address.ip
src:
- network.local.address.ip
src_ip:
- network.local.address.ip
file_hash:
- file.hash.md5
- file.hash.sha256
NewProcessName: process.name
ServiceName: process.name
ServiceFileName: process.name
TargetObject: registry.path
Reference in New Issue View Git Blame Copy Permalink