Skip to content

Commit bd83e64

Browse files
spsocprimespsocprime
committed
add fields
1 parent 2b5f705 commit bd83e64

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

uncoder-core/app/translator/mappings/platforms/qradar/linux_auditd.yml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,4 +13,9 @@ field_mapping:
1313
a1: Command
1414
a2: Command
1515
a3: Command
16-
exe: Process Path
16+
exe: Process Path
17+
Process CommandLine: Command
18+
Image: Process Path
19+
username: username
20+
LogonId: Logon ID
21+
ParentImage: Parent Process Path

0 commit comments

Comments
 (0)