Stay organized with collections Save and categorize content based on your preferences.

Change log for WINDOWS_DEFENDER_ATP

Date Changes
2022-10-20 Enhancement -
Mapped "properties.ReportId" to "target.resource.product_object_id".
Mapped "properties.DeviceId" to "principal.asset_id".
2022-09-20 Enhancement - Merged customer specific parsers to default.
2022-07-29 Enhancement - Parsed the logs with EventID's:- "2006","2004","2033","2005","2008","0".
- Added support for new previously unparsed JSON format logs.