Change log for AZURE_COSMOS_DB
| Date | Changes |
|---|---|
| 2025-01-16 | Enhancement -
- Fixed typo in Azure Cosmos DB CBN and updated timestamp. |
| 2023-02-22 | Enhancement -
- Mapped "TenantId" to "metadata.product_deployment_id". - Mapped "Computer" to "principal.hostname". - Mapped "EventSourceName" to "metadata.product_event_type" and mapped "principal.platform" based on "EventSourceName". - Mapped "EventID" to "metadata.product_log_id". - Mapped "Activity" to "metadata.description". - Mapped "CommandLine" to "target.process.command_line". - Mapped "Process" to "target.process.file.full_path". - Mapped "ProcessId" to "target.process.pid". - Mapped "ParentProcessName" to "target.process.parent_process.file.full_path". - Mapped "SubjectUserSid" to "principal.user.windows_sid". - Mapped "SubjectDomainName" to "principal.administrative_domain". - Mapped "SubjectLogonId" to "principal.user.userid". - Mapped "SubjectUserName" to "principal.user.user_display_name". - Mapped "TargetDomainName" to "target.administrative_domain". - Mapped "TargetLogonId" to "target.user.userid". - Mapped "TargetUserName" to "target.user.user_display_name". - Mapped "TargetUserSid" to "target.user.windows_sid". - Mapped "_ResourceId" to "target.resource.product_object_id". - Mapped "_Internal_WorkspaceResourceId", "TokenElevationType" to "target.resource.attribute.labels" - Mapped "Channel", "Task", "SourceSystem", "EventOriginId", "ManagementGroupName" to "additional.fields". - Mapped "FilePath" to "target.file.full_path". - Mapped "FileHash" to "target.file.sha256". - Mapped "SourceComputerId" to "principal.asset.asset_id". |
| 2022-04-13 | Newly created parser.
|