Stay organized with collections
Save and categorize content based on your preferences.
Change log for CHECKPOINT_EDR
Date
Changes
2024-05-09
Enhancement- Parsed logs with "event_type" as "empty".
- Added support for the MEPP, Compliance, Anti-Malware, and Threat Emulation
logs.
2022-09-07
Enhancement- Parsed logs with event_type as "empty".
- mapped "client_ip" to "event.edr.network.target_ip".
- mapped "origin" to "event.edr.network.target_ip" if client_ip empty.
- mapped "subject" to "event.edr.task.task_name".
- mapped "host_name" to "event.edr.client.hostname".
- mapped "ifdir" to "event.edr.network.direction".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-25 UTC."],[[["The change log documents updates for CHECKPOINT_EDR, with recent enhancements made on May 9, 2024."],["On May 9, 2024, support was added for MEPP, Compliance, Anti-Malware, and Threat Emulation logs, in addition to parsing logs with \"event_type\" as \"empty\"."],["On September 7, 2022, updates included mapping various fields like \"client_ip\", \"origin\", \"subject\", \"host_name\", and \"ifdir\" to new event attributes."],["Several field mappings were updated on 2022-09-07, such as \"client_ip\" now being mapped to \"event.edr.network.target_ip\"."]]],[]]
