Change log for TRENDMICRO_AV
Date | Changes |
---|---|
2023-05-21 | Enhancement:
- Mapped "Received","Generated" to "about.labels". |
2023-05-09 | Enhancement:
- For logs with CEF format, mapped syslog timestamp to "metadata.event_timestamp". |
2023-02-03 | Enhancement:
- Mapped "metadata.event_type" to "SCAN_UNCATEGORIZED" if log type is "LogSpyware","LogPredictiveMachineLearning".
- Mapped "Device_name","Enhetsnavn" to "principal.hostname".
- Mapped "Domain","Domene" to "principal.administrative_domain".
- Mapped "Group_name","Gruppenavn" to "principal.group.group_display_name".
- Mapped "Mottatt" to "metadata.collected_timestamp".
- Mapped "Generert","Generated" to "metadata.event_timestamp".
- Mapped "Subject","Emne","Path" to "about.process.command_line".
- Mapped "Type","Scan_Type" to "security_result.description".
- Mapped "User","Bruker" to "target.user.userid".
- Mapped "CustomerName" to "target.user.user_display_name".
- Mapped "File_name","Object","Objekt","Infected_Resource" to "target.process.file.full_path".
- Mapped "Action_Taken" to "security_result.action_details".
- Mapped "Spyware","Virus_Malware_Name","Unknown_Threat" to "security_result.threat_name". |
2022-05-30 | Added support for CEF format logs |