Change log for TRENDMICRO_APEX_CENTRAL
Date | Changes |
---|---|
2024-09-23 | - Changed the `fileHash` field to lowercase.
- Mapped "dntdom" to "target.administrative_domain". - Mapped "event_name" to "security_result.threat_name". - Mapped "dhost" to "principal.hostname". - Mapped "filePath" to "target.file.full_path". - Mapped "duser" to "target.user.userid". - Mapped "cs3" to "metadata.product_version". - Mapped "cs6" to "additional.fields". - Mapped "product_version" to "additional.fields". - Mapped "cat" to "additional.fields". - Mapped "msg" to "additional.fields". - Mapped "TMCMLogDetectedIP" to "additional.fields". - Mapped "dvchost" to "additional.fields". - Mapped "cnt" to "security_result.verdict_info.malicious_count". - Mapped "cs4" to "security_result.category_details". |
2024-09-23 | - Changed the `fileHash` field to lowercase.
- Mapped "dntdom" to "target.administrative_domain". - Mapped "event_name" to "security_result.threat_name". - Mapped "dhost" to "principal.hostname". - Mapped "filePath" to "target.file.full_path". - Mapped "duser" to "target.user.userid". - Mapped "cs3" to "metadata.product_version". - Mapped "cs6" to "additional.fields". - Mapped "product_version" to "additional.fields". - Mapped "cat" to "additional.fields". - Mapped "msg" to "additional.fields". - Mapped "TMCMLogDetectedIP" to "additional.fields". - Mapped "dvchost" to "additional.fields". - Mapped "cnt" to "security_result.verdict_info.malicious_count". - Mapped "cs4" to "security_result.category_details". |
2024-08-12 | - When "dvchost" is available, then mapped "metadata.event_type" to "STATUS_UPDATE".
|
2024-04-24 | - Added support for new event type "Endpoint Application Control"
|
2024-04-03 | - Added new attributes and support for customer specific new log format (CEF).
|