Change log for TANIUM_THREAT_RESPONSE
| Date | Changes |
|---|---|
| 2025-02-06 | Enhancement:
- Mapped "MITRE Techniques" to "security_result.attack_details.techniques". - Mapped "Impact Score" to "security_result.detection_fields". |
| 2025-01-03 | Enhancement:
- Converted file md5 values to lowercase. |
| 2024-11-28 | Enhancement:
- Added support for unparsed "MatchDetails" field. |
| 2024-11-28 | Enhancement:
- Added support for unparsed "MatchDetails" field. |
| 2024-10-16 | Enhancement:
- Mapped "MatchDetails.match.properties.parent.args" to "security_result.about.process.parent_process.command_line". - Mapped "MatchDetails.match.properties.parent.parent.args" to "security_result.about.process.parent_process.parent_process.command_line". - Mapped "MatchDetails.match.properties.parent.parent.parent.args" to "security_result.about.process.parent_process.parent_process.parent_process.command_line". - Mapped "MatchDetails.match.properties.parent.parent.parent.parent.args" to "security_result.about.process.parent_process.parent_process.parent_process.parent_process.command_line". |
| 2023-07-28 | Enhancement:
- Removed "MatchDetails.finding.system_info" from initialization. |
| 2023-07-13 | Enhancement:
- Added a check for the SYSLOG+JSON format logs after identifying the JSON format failed. |
| 2023-03-13 | Bug Fix:
- Resolved error by adding a conditional check before setting "is_alert" value to "true". |
| 2022-11-14 | Enhancement:
- Mapped "id" to "target.resource.attribute.labels". - Mapped "params" to "security_result.detection_fields". |