Change log for QUALYS_VM
| Date | Changes |
|---|---|
| 2023-10-27 | Enhancement:
- Added a "for" loop to split the events when there are multiple "QIDs". |
| 2023-04-25 | Enhancement:
- Mapped "DetectionList.FirstFoundTime" to "extensions.vulns.vulnerabilities.first_found". - Mapped "DetectionList.LastFoundTime" to "extensions.vulns.vulnerabilities.last_found". - Mapped "DetectionList.TimesFound" to "extensions.vulns.vulnerabilities.about.resource.attribute.labels". - Mapped "DetectionList.LastTestDateTime" to "extensions.vulns.vulnerabilities.about.resource.attribute.labels". - Mapped "DetectionList.LastUpdateDateTime" to "extensions.vulns.vulnerabilities.about.resource.attribute.labels". - Mapped "DetectionList.LastProcessedDatetime" to "extensions.vulns.vulnerabilities.about.resource.attribute.labels". |
| 2023-01-23 | Enhancement:
- Mapped "DetectionList" array details to "extensions.vulns.vulnerabilities". - Mapped "DetectionList.Qid" to "extensions.vulns.vulnerabilities.name". - Mapped "DetectionList.Severity" to "extensions.vulns.vulnerabilities.severity". - Mapped "DetectionList.Results" to "extensions.vulns.vulnerabilities.description". - Mapped "DetectionList.Status", "DetectionList.DType" to "extensions.vulns.vulnerabilities.about.resource.attribute.labels". |
| 2022-09-29 | Enhancement:
- Mapped "ID" to "metadata.product_log_id". - Mapped "Netbios","TrackingMethod","NetworkID" to "additional.fields". - Mapped "QgHostID" to "principal.asset_id". - Mapped "Os" to "principal.platform_version". - Added conditional check for "_vulns". |
| 2022-07-20 | Enhancement: added mapping for following fields:
- "DETECTION.FIRST_FOUND_DATETIME" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.first_found". - "DETECTION.LAST_FOUND_DATETIME" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.last_found". - "HOST.LAST_VM_SCANNED_DATE" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.scan_end_time". - "HOST.LAST_SCAN_DATETIME" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.scan_start_time". - "DETECTION.QID" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.name". - "DETECTION.SEVERITY" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.severity". - "DETECTION.TYPE" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.about.labels". - "DETECTION.STATUS" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.labels". - "DETECTION.RESULTS" mapped to "event.idm.read_only_udm.extensions.vulns.vulnerabilities.description". - "HOST.DNS_DATA.DOMAIN" mapped to "event.idm.read_only_udm.principal.domain.name". - "HOST.ASSET_ID" mapped to "event.idm.read_only_udm.principal.asset_id". - "HOST.IP" mapped to "event.idm.read_only_udm.principal.ip". - "HOST.OS" mapped to "event.idm.read_only_udm.principal.platform_version". - "HOST.DNS" mapped to "event.idm.read_only_udm.principal.hostname". - "HOST.QG_HOSTID" mapped to "event.idm.read_only_udm.additional.fields". - "HOST.NETBIOS" mapped to "event.idm.read_only_udm.additional.fields". - "HOST.TRACKING_METHOD" mapped to "event.idm.read_only_udm.additional.fields". |