Change log for OFFICE_365_MESSAGETRACE
| Date | Changes |
|---|---|
| 2024-04-18 | Enhancement:
- Mapped "time" to "metadata.event_timestamp". - Mapped "tenantId" to "metadata.product_deployment_id". - Mapped "operationName", "Tenant" to "additional.fields". - Mapped "category" to "metadata.product_event_type". - Mapped "properties.SenderFromAddress" to "principal.user.email_addresses" and "network.email.from". - Mapped "properties.RecipientEmailAddress" to "network.email.to" and "target.user.email_addresses". - Mapped "properties.FileName" to "principal.process.file.names". - Mapped "properties.SHA256" to "principal.process.file.sha256". - Mapped "properties.FileSize" to "principal.process.file.size". - Mapped "properties.RecipientObjectId" to "target.user.product_object_id". - Mapped "properties.SenderObjectId" to "principal.user.product_object_id". - Mapped "properties.SenderDisplayName" to "principal.user.user_display_name". - Mapped "properties.ThreatNames" to "security_result.threat_name". - Mapped "properties.DetectionMethods" to "security_result.detection_fields". |
| 2023-05-10 | Newly created parser.
|