Change log for TRENDMICRO_DEEP_SECURITY
Date
Changes
2024-03-04
Enhancement:
- Added a Grok pattern to parse CEF format logs.
- Mapped "TrendMicroDsFileSHA1" to "target.file.sha1".
- Mapped "msg" to "security_result.description".
- Mapped "result" to "security_result.summary".
- Mapped "filePath" to "target.file.full_path".
- Mapped "TrendMicroDsMalwareTarget", "TrendMicroDsProcess", "TrendMicroDsMalwareTargetCount", "TrendMicroDsMalwareTargetType" and "TrendMicroDsBehaviorType" to "security_result.detection_fields".
- If "dvchost" is not null, mapped "dvchost" to "target.hostname"; otherwise, if "cef_host" is not null, mapped "cef_host" to "target.hostname".
2024-02-13
Enhancement:
- Mapped "target" to "target.hostname".
- Mapped "usrName" to "principal.user.userid".