Change log for BEYONDTRUST_ENDPOINT

Date	Changes
2024-06-10	Enhancement: - Enhanced the parser to handle the new logs. - Mapped "Processes.process_exec" to "additional.fields". - Mapped "Processes.action" to "security_result.action". - Mapped "Processes.description" to "metadata.description". - Mapped "Processes.dest" to "target.hostname". - Mapped "Processes.process_id" to "principal.process.pid". - Mapped "Processes.user" to "principal.user.userid". - Mapped "Processes.process" to "principal.application". - Mapped "Processes.user_id" to "principal.user.windows_sid". - Mapped "Processes.parent_process_id" to "principal.process.parent_process.pid". - Mapped "Processes.process_hash", "Processes.process_name", "Processes.parent_process", "Processes.parent_process_exec" to "additional.fields". - Mapped "Processes.process_path" to "principal.process.parent_process.file.full_path".
2024-03-20	Newly created parser.

Date

Changes

2024-06-10

Enhancement:
- Enhanced the parser to handle the new logs.
- Mapped "Processes.process_exec" to "additional.fields".
- Mapped "Processes.action" to "security_result.action".
- Mapped "Processes.description" to "metadata.description".
- Mapped "Processes.dest" to "target.hostname".
- Mapped "Processes.process_id" to "principal.process.pid".
- Mapped "Processes.user" to "principal.user.userid".
- Mapped "Processes.process" to "principal.application".
- Mapped "Processes.user_id" to "principal.user.windows_sid".
- Mapped "Processes.parent_process_id" to "principal.process.parent_process.pid".
- Mapped "Processes.process_hash", "Processes.process_name", "Processes.parent_process", "Processes.parent_process_exec" to "additional.fields".
- Mapped "Processes.process_path" to "principal.process.parent_process.file.full_path".

2024-03-20

Newly created parser.