valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7e742cc049
SigmaHQ/tools/config/sysmon.yml
vh 51df5ad876 Added: 
Sumo Logic CSE Rule Backend

Updated:
Mapping depence on logsource
Azure Sentinel Query Backend
MDATP: query with few logsources
CROWDSTRIKE: fix generateMapItemTypedNode
2020-10-06 15:07:52 +03:00

9 lines
181 B
YAML
Raw Blame History

title: Sysmon
order: 20
backends:
- sysmon
fieldmappings:
event_id: EventID
event_data.ParentImage: ParentImage
event_data.CommandLine: CommandLine
event_data.Image: Image
Reference in New Issue View Git Blame Copy Permalink