Skip to content

Commit

Permalink
adding threat fields for ProcessEvents
Browse files Browse the repository at this point in the history
  • Loading branch information
@vakohl
vakohl committed Oct 5, 2023
1 parent b5ee542 commit 5cb53d3
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions ASIM/dev/ASimTester/ASimTester.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -823,6 +823,7 @@ RuleName,string,Optional,Authentication,,,
RuleName,string,Optional,Dns,,,
RuleName,string,Optional,FileEvent,,,
RuleName,string,Optional,WebSession,,,
RuleName,string,Optional,ProcessEvent,,,
RuleName,string,Optional,RegistryEvent,,,
RuleName,string,Optional,UserManagement,,,
RuleName,string,Optional,Dhcp,,,
Expand All @@ -831,6 +832,7 @@ RuleNumber,int,Optional,Authentication,,,
RuleNumber,int,Optional,Dns,,,
RuleNumber,int,Optional,FileEvent,,,
RuleNumber,int,Optional,WebSession,,,
RuleNumber,int,Optional,ProcessEvent,,,
RuleNumber,int,Optional,RegistryEvent,,,
RuleNumber,int,Optional,UserManagement,,,
RuleNumber,int,Optional,Dhcp,,,
Expand Down Expand Up @@ -1182,6 +1184,7 @@ ThreatCategory,string,Optional,Dns,,,
ThreatCategory,string,Optional,FileEvent,,,
ThreatCategory,string,Optional,NetworkSession,,,
ThreatCategory,string,Optional,WebSession,,,
ThreatCategory,string,Optional,ProcessEvent,,,
ThreatCategory,string,Optional,RegistryEvent,,,
ThreatCategory,string,Optional,UserManagement,,,
ThreatCategory,string,Optional,Dhcp,,,
Expand All @@ -1191,6 +1194,7 @@ ThreatConfidence,int,Optional,Dns,ConfidenceLevel,,
ThreatConfidence,int,Optional,FileEvent,,,
ThreatConfidence,int,Optional,NetworkSession,,,
ThreatConfidence,int,Optional,WebSession,,,
ThreatConfidence,int,Optional,ProcessEvent,,,
ThreatConfidence,int,Optional,RegistryEvent,,,
ThreatConfidence,int,Optional,UserManagement,,,
ThreatConfidence,int,Optional,Dhcp,,,
Expand All @@ -1200,6 +1204,7 @@ ThreatField,string,Conditional,NetworkSession,Enumerated,,ThreatIpAddr
ThreatField,string,Optional,Authentication,,,
ThreatField,string,Optional,Dns,,,
ThreatField,string,Optional,WebSession,,,
ThreatField,string,Optional,ProcessEvent,,,
ThreatField,string,Optional,RegistryEvent,,,
ThreatField,string,Optional,UserManagement,,,
ThreatField,string,Optional,Dhcp,,,
Expand All @@ -1210,6 +1215,7 @@ ThreatFirstReportedTime,datetime,Optional,Dns,,,
ThreatFirstReportedTime,datetime,Optional,FileEvent,,,
ThreatFirstReportedTime,datetime,Optional,NetworkSession,,,
ThreatFirstReportedTime,datetime,Optional,WebSession,,,
ThreatFirstReportedTime,datetime,Optional,ProcessEvent,,,
ThreatFirstReportedTime,datetime,Optional,RegistryEvent,,,
ThreatFirstReportedTime,datetime,Optional,UserManagement,,,
ThreatFirstReportedTime,datetime,Optional,Dhcp,,,
Expand All @@ -1219,6 +1225,7 @@ ThreatId,string,Optional,Dns,,,
ThreatId,string,Optional,FileEvent,,,
ThreatId,string,Optional,NetworkSession,,,
ThreatId,string,Optional,WebSession,,,
ThreatId,string,Optional,ProcessEvent,,,
ThreatId,string,Optional,RegistryEvent,,,
ThreatId,string,Optional,UserManagement,,,
ThreatId,string,Optional,Dhcp,,,
Expand All @@ -1233,6 +1240,7 @@ ThreatIsActive,bool,Optional,Dns,,,
ThreatIsActive,bool,Optional,FileEvent,,,
ThreatIsActive,bool,Optional,NetworkSession,,,
ThreatIsActive,bool,Optional,WebSession,,,
ThreatIsActive,bool,Optional,ProcessEvent,,,
ThreatIsActive,bool,Optional,RegistryEvent,,,
ThreatIsActive,bool,Optional,UserManagement,,,
ThreatIsActive,bool,Optional,Dhcp,,,
Expand All @@ -1242,6 +1250,7 @@ ThreatLastReportedTime,datetime,Optional,Dns,,,
ThreatLastReportedTime,datetime,Optional,FileEvent,,,
ThreatLastReportedTime,datetime,Optional,NetworkSession,,,
ThreatLastReportedTime,datetime,Optional,WebSession,,,
ThreatLastReportedTime,datetime,Optional,ProcessEvent,,,
ThreatLastReportedTime,datetime,Optional,RegistryEvent,,,
ThreatLastReportedTime,datetime,Optional,UserManagement,,,
ThreatLastReportedTime,datetime,Optional,Dhcp,,,
Expand All @@ -1251,6 +1260,7 @@ ThreatName,string,Optional,Dns,,,
ThreatName,string,Optional,FileEvent,,,
ThreatName,string,Optional,NetworkSession,,,
ThreatName,string,Optional,WebSession,,,
ThreatName,string,Optional,ProcessEvent,,,
ThreatName,string,Optional,RegistryEvent,,,
ThreatName,string,Optional,UserManagement,,,
ThreatName,string,Optional,Dhcp,,,
Expand All @@ -1260,6 +1270,7 @@ ThreatOriginalConfidence,string,Optional,Dns,,,
ThreatOriginalConfidence,string,Optional,FileEvent,,,
ThreatOriginalConfidence,string,Optional,NetworkSession,,,
ThreatOriginalConfidence,string,Optional,WebSession,,,
ThreatOriginalConfidence,string,Optional,ProcessEvent,,,
ThreatOriginalConfidence,string,Optional,RegistryEvent,,,
ThreatOriginalConfidence,string,Optional,UserManagement,,,
ThreatOriginalConfidence,string,Optional,Dhcp,,,
Expand All @@ -1269,6 +1280,7 @@ ThreatOriginalRiskLevel,string,Optional,Dns,,,
ThreatOriginalRiskLevel,string,Optional,FileEvent,,,
ThreatOriginalRiskLevel,string,Optional,NetworkSession,,,
ThreatOriginalRiskLevel,string,Optional,WebSession,,,
ThreatOriginalRiskLevel,string,Optional,ProcessEvent,,,
ThreatOriginalRiskLevel,string,Optional,RegistryEvent,,,
ThreatOriginalRiskLevel,string,Optional,UserManagement,,,
ThreatOriginalRiskLevel,string,Optional,Dhcp,,,
Expand All @@ -1278,6 +1290,7 @@ ThreatRiskLevel,int,Optional,Dns,RiskLevel,,
ThreatRiskLevel,int,Optional,FileEvent,RiskLevel,,
ThreatRiskLevel,int,Optional,NetworkSession,RiskLevel,,
ThreatRiskLevel,int,Optional,WebSession,RiskLevel,,
ThreatRiskLevel,int,Optional,ProcessEvent,RiskLevel,,
ThreatRiskLevel,int,Optional,RegistryEvent,,,
ThreatRiskLevel,int,Optional,UserManagement,,,
ThreatRiskLevel,int,Optional,Dhcp,,,
Expand Down

0 comments on commit 5cb53d3

Please sign in to comment.