Change log for ESET_AV
Date | Changes |
---|---|
2024-05-31 | Enhancement: - Mapped "action_taken" to "security_result.action_details". - Mapped "threat_type" to "security_result.threat_id". - Mapped "scan_id", "scanner_id", and "threat_handled" to "security_result.detection_fields". - Mapped "need_restart" to "additional.fields". |
2024-05-21 | Enhancement: - Changed the case of the value of the field "hash" to lowercase, and then mapped "hash" to "principal.file.sha1". |
2024-03-14 | Enhancement: - Mapped "username" to "principal.user.userid". - Mapped "group_name" to "principal.group_display_name". - Mapped "hash" to "principal.resource.attribute.labels". - Mapped "eiconsolelink" to "principal.url". - Mapped "os_name" to "principal.platform_version". - Mapped "processname" to "principal.process.file.full_path". - Mapped "rulename" to "security_result.rule_name". - Mapped "result" to "security_result.summary". - Mapped "eialarmid" to "security_result.detection_fields". - Mapped "severity_score" to "security_result.detection_fields". - Mapped "computer_severity_score" to "security_result.detection_fields". |
2023-01-10 | Newly created parser. |