# Converter configuration titled "STIX for QRadar": it maps the field names
# used in detection rules to STIX object paths in the x-ibm-ariel and
# x-ibm-finding namespaces. It is applied when the `stix` backend is selected.
#
# NOTE(review): this file does not show what the backend does with a rule
# field that has no entry under `fieldmappings`. Before deploying a converted
# query, check it for field names that were not translated; a query built on
# a field the target does not know can silently match nothing.
title: STIX for QRadar
backends:
  - stix
# presumably the position of this config relative to others applied in the
# same conversion - confirm against the converter's documentation
order: 30
# Each key is a source field name; each value is a one-element list holding
# the STIX object path it is rewritten to.
fieldmappings:
  categoryid:
    - x-ibm-ariel:category_id
  categoryname:
    - x-ibm-ariel:category_name
  # `credescription` and `Description` resolve to the same target path.
  # NOTE(review): both spellings are listed separately, which suggests key
  # lookup is case-sensitive - confirm before adding further aliases.
  credescription:
    - x-ibm-finding:description
  Description:
    - x-ibm-finding:description
  credibility:
    - x-ibm-ariel:credibility
  crename:
    - x-ibm-finding:name
  # `devicetype` and `Device` resolve to the same target path.
  devicetype:
    - x-ibm-ariel:device_type
  Device:
    - x-ibm-ariel:device_type
  direction:
    - x-ibm-ariel:direction
  domainid:
    - x-ibm-ariel:domain_id
  geographic:
    - x-ibm-ariel:geographic
  high_level_category_id:
    - x-ibm-ariel:high_level_category_id
  high_level_category_name:
    - x-ibm-ariel:high_level_category_name
  identityhostname:
    - x-ibm-ariel:identity_host_name
  logsourceid:
    - x-ibm-ariel:log_source_id
  logsourcename:
    - x-ibm-ariel:log_source_name
  logsourcetypename:
    - x-ibm-ariel:log_source_type_name
  magnitude:
    - x-ibm-ariel:magnitude
  qid:
    - x-ibm-ariel:qid
  # The only entry whose target name differs from the source name by more
  # than underscores: `qidname` becomes `event_name`.
  qidname:
    - x-ibm-ariel:event_name
  relevance:
    - x-ibm-ariel:relevance
  # `[*]` is the STIX patterning list index meaning "any element", so a
  # comparison on this path tests every entry of rule_names. The scalar is
  # left unquoted as in the original; `[` and `*` are YAML indicators only
  # at the start of a plain scalar.
  rulenames:
    - x-ibm-ariel:rule_names[*]
  severity:
    - x-ibm-ariel:severity