Change log for CORELIGHT
Date | Changes
2024-08-23 | Modifying severity based on raw rule.
2024-07-26 | Added support for new fields of updated schema of suricata_corelight.
2024-06-19 | Extracted the key and value based on the delimiter and mapped it accordingly.
2024-05-01 | Added support for mapping of base64 decoded value of 'payload' and 'packet' fields into "about.labels".
2024-02-26 | Added support for mapping of '_write_ts' and 'extracted' fields.
2024-02-14 | Update the mapping for "network.dns.response" UDM field.
2023-12-13 | Added support for updated suricata, corelight_metrics_*, intel log type and validation for "entity_type".
2023-11-29 | Aligned 'principal/target.hostname' and 'principal/target.asset.hostname' mapping.
2023-10-04 | Added mapping for "network.tls.certificate.md5", "network.tls.certificate.sha1", and "network.tls.certificate.sha256".
2023-06-13 | Enhanced existing parser.
2023-06-09 | Mapped 'assigned_addr' to 'network.dhcp.ciaddr'.
2022-04-23 | Added normalization for Suricata Eve alerts.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-09-26 UTC.