Change log for RECORDED_FUTURE_IOC
Date | Changes |
---|---|
2025-04-11 | Enhancement:<br>- Updated the parser to parse each log entry into a single event instead of multiple events.<br>- `event.ioc.categorization`: Removed the mapping of `detail.Rule` from the `event.ioc.categorization` UDM field.<br>- `event.ioc.description`: Removed the mapping of `detail.EvidenceString` from the `event.ioc.description` UDM field.<br>- `event.ioc.raw_severity`: Removed the mapping of `detail.CriticalityLabel` from the `event.ioc.raw_severity` UDM field.<br>- `event.idm.entity.metadata.threat.first_discovered_time`: Newly mapped the `detail.FirstSeen` raw log field with the `event.idm.entity.metadata.threat.first_discovered_time` UDM field. |
2025-04-07 | Enhancement:<br>- `event.idm.ready_only_udm.metadata.threat.risk_score`: Newly mapped the `risk_score` raw log field with the `event.idm.ready_only_udm.metadata.threat.risk_score` UDM field.<br>- Added conversion of `event.idm.ready_only_udm.metadata.threat.risk_score` to float. |