Change log for KASPERSKY_AV

Date Changes
2022-10-14 Added gsub to bypass unwanted special characters.
2022-05-17 Added mappings for the following fields:
- Nom (name of the process/application) (Name) mapped to target.file.full_path (extension).
- Chemin de l'application (Application path) mapped to target.file.full_path.
- Type d'événement (Event type) mapped to metadata.product_event_type.
- ID du processus (Process id) mapped to
- Description du résultat (Result description) mapped to metadata.description.
- Erreur (Error) mapped to security_result.summary.
2022-03-29 Added mappings for the following missing fields:
- "Result description" to "security_result.description".
- "Type" to "security_result.threat_name".
- "MD5" to "process.file.md5".
- "SHA256" to "process.file.sha256".
- "p2" to "target.process.file.full_path".
- "p5" to "security_result.rule_name".
- "p7" to "principal.user.user_display_name".
- "Reason" to "security_result.summary".