...sed by Event Forwarding process have the following additional field mappings defined: (Showing the Splunk fields mapped to the custom fields I created inPhantom)
event_id -> notableEventId s...
I am working on automating some minor things and I want toaddina step to have the playbook assign the container or caseto the user running the playbook.
I am currently using a rest call to g...
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name in...