Change log for ESET_EDR
Date
Changes
2024-04-08
Enhancement:
- Mapped "Detectiontype" to "security_result.category_details".
- Mapped "Time_of_occurrence" to "additional.fields".
2024-03-12
Enhancement:
- Added Grok patterns to parse new log.
- Mapped "Detectiontype" to "security_result.category_details".
- Mapped "Detection_name" to "security_result.threat_name".
- Mapped "Scanner" to "security_result.description".
- Mapped "Action_performed" to "security_result.action_details".
- Mapped "Computer_name" to "principal.hostname".
- Mapped "Computer_name" to "principal.asset.hostname".
- Mapped "Logged_user" to "principal.user.userid".
- Mapped "app" to "principal.application".
- Mapped "process_id" to "principal.process.pid".