Change log for KASPERSKY_AV
Date
Changes
2022-10-14
Added gsub to bypass unwanted special characters.
2022-05-17
Added mappings for the following fields:
- Nom (name of the process/application) (Name) mapped to target.file.full_path (extension).
- Chemin de l'application (Application path) mapped to target.file.full_path.
- Type d'événement (Event type) mapped to metadata.product_event_type.
- ID du processus (Process id) mapped to target.process.pid.
- Description du résultat (Result description) mapped to metadata.description.
- Erreur (Error) mapped to security_result.summary.
2022-03-29
Added mappings for the following missing fields:
- "Result description" to "security_result.description".
- "Type" to "security_result.threat_name".
- "MD5" to "process.file.md5".
- "SHA256" to "process.file.sha256".
- "p2" to "target.process.file.full_path".
- "p5" to "security_result.rule_name".
- "p7" to "principal.user.user_display_name".
- "Reason" to "security_result.summary".