cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
faisalzabd
Engager
Member since: ‎01-16-2024
‎01-16-2024
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎01-16-2024
Activity Feed
View All

sysmon fields mapping to endpoint datamodel

by in Splunk Enterprise Security
‎01-16-2024 11:33 PM
‎01-16-2024 11:33 PM
I'm trying to look for refernce or documintation that shows me which fields in sysmon logs should be mapped to which fields in endpoint datamodel.   for example Image & ParentImage it should show in which fields from endpoint datamodel since we have multiple fields for processes and parent processes it is confusing. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎01-16-2024 04:53 PM
Karma given to
View All