Stay organized with collections
Save and categorize content based on your preferences.
Change log for CORELIGHT
| Date |
Changes |
| 2024-02-26 |
Added support for mapping of '_write_ts' and 'extracted' fields.
|
| 2024-02-14 |
Update the mapping for "network.dns.response" UDM field.
|
| 2023-12-13 |
Added support for updated suricata, corelight_metrics_*, intel
log type and validation for "entity_type".
|
| 2023-11-29 |
Aligned 'principal/target.hostname' and 'principal/target.asset.hostname' mapping.
|
| 2023-10-04 |
Added mapping for "network.tls.certificate.md5", "network.tls.certificate.sha1", and "network.tls.certificate.sha256".
|
| 2023-06-13 |
Enhanced existing parser.
|
| 2023-06-09 |
Mapped 'assigned_addr' to 'network.dhcp.ciaddr'.
|
| 2022-04-23 |
Added normalization for Suricata Eve alerts.
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-04-16 UTC.
[{
"type": "thumb-down",
"id": "hardToUnderstand",
"label":"Hard to understand"
},{
"type": "thumb-down",
"id": "incorrectInformationOrSampleCode",
"label":"Incorrect information or sample code"
},{
"type": "thumb-down",
"id": "missingTheInformationSamplesINeed",
"label":"Missing the information/samples I need"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]
