SigmaHQ/tools/sigma/backends
ipninichuck 75ec169d5c
added metadata field to the watcher alert
While utilizing Kibana to track watches directly from the watch index, it quickly became apparent that useful metadata was not available. In my project's case, it was the title, description and tags from the Sigma rule. Adding them to the metadata field makes it easier to utilize them in visualizations of the watches themselves. In the future, perhaps the contents of the metadata field could be given as an option for each user.
2019-05-22 04:30:47 -07:00
ala.py fix: more general fixes of the var type issue 2019-05-15 21:25:53 +02:00
arcsight.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
base.py Removed debug code from backend option handling 2019-05-21 00:21:52 +02:00
data.py Moved Sysmon schema XML from contrib directory into module 2019-03-16 00:59:29 +01:00
discovery.py Changed copyright notices accordingly 2018-07-24 00:01:16 +02:00
elasticsearch.py added metadata field to the watcher alert 2019-05-22 04:30:47 -07:00
exceptions.py Changed copyright notices accordingly 2018-07-24 00:01:16 +02:00
graylog.py Mandatory configuration for most backends 2019-04-22 23:40:21 +02:00
logpoint.py Fixed escaping of \\* 2019-02-02 00:18:58 +01:00
misc.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
mixins.py Changed copyright notices accordingly 2018-07-24 00:01:16 +02:00
netwitness.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
powershell.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
qradar.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
qualys.py Removal of backend output classes 2018-08-02 22:41:32 +02:00
splunk.py Changed stats to eventstats 2019-02-05 17:36:46 +01:00
sumologic.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
tools.py Conditional field mapping for null values 2019-04-25 23:24:05 +02:00
wdatp.py fix: more general fixes of the var type issue 2019-05-15 21:25:53 +02:00