From 0195487d5e447ed648e32dae62b6e27cc29cc749 Mon Sep 17 00:00:00 2001
From: v-sabiraj
Date: Thu, 17 Oct 2024 18:44:19 +0530
Subject: [PATCH 1/2] Update EventsToTableMapping.json
---
 .../QueueTriggerCS/EventsToTableMapping.json | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/EventsToTableMapping.json b/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/EventsToTableMapping.json
index 833bb954d43..6ef19b47717 100644
--- a/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/EventsToTableMapping.json
+++ b/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/EventsToTableMapping.json
@@ -1,6 +1,16 @@
 {
 "ZipFileWritten": "File",
 "XarFileWritten": "File",
+ "SourceCodeFileWritten": "File",
+ "IsoExtensionFileWritten": "File",
+ "ImgExtensionFileWritten": "File",
+ "UnixFileWritten": "File",
+ "PythonFileWritten": "File",
+ "WebScriptFileWritten": "File",
+ "RegistryHiveFileWritten": "File",
+ "ADExplorerFileWritten": "File",
+ "CrxFileWritten": "File",
+ "DexFileWritten": "File",
 "VmdkFileWritten": "File",
 "VdiFileWritten": "File",
 "TiffFileWritten": "File",
@@ -53,6 +63,7 @@
 "DmpFileWritten": "File",
 "DmgFileWritten": "File",
 "DirectoryCreate": "File",
+ "DebFileWritten": "File",
 "CriticalFileModified": "File",
 "CriticalFileAccessed": "File",
 "CabFileWritten": "File",
From ae1c1af30477bc50e569bf65bf36ecf2740f9fbf Mon Sep 17 00:00:00 2001
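Review bot: The ten keys added after `"XarFileWritten"` in the first hunk break the descending alphabetical order that the surrounding context lines follow (`Zip…`, `Xar…`, `Vmdk…`, `Vdi…`, `Tiff…`), whereas `"DebFileWritten"` in the second hunk is placed in order. In a sorted map a repeated key sits next to its twin and is easy to spot; out of order it is not, and most JSON parsers silently keep the last value for a duplicate key, so an event type could be routed to a different table than the one a reader finds first. Most of the file lies outside these two hunks, so it cannot be confirmed from here that none of the new names (for example `"PythonFileWritten"` or `"UnixFileWritten"`) already appears further down. Suggest checking for duplicates and moving each new entry to its sorted position, e.g. `"SourceCodeFileWritten": "File",` among the other `S…` keys.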
From: v-sabiraj
Date: Fri, 18 Oct 2024 11:41:05 +0530
Subject: [PATCH 2/2] Update CrowdstrikeFalconAPISentinelConn.zip
---
 .../CrowdstrikeFalconAPISentinelConn.zip | Bin 24630859 -> 24630923 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
diff --git a/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn.zip b/Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn.zip index 6fa331a536cd495eb8dca90440126263ab43ec18..f78fab29def12c851c06e04e46930acf7fd405d4 100644 GIT binary patch delta 4016 zcmY+`XCM{s7r^oRP)7Eaz4{rMaqW>Avcfe&q)i z0atJXci0ae;0a!E0KCBm4uUTng2Uhk{ty61;3xz_5Cp?92!Z1e3Skfq5pV(`Aqt`) z24W!&;voS}LL!hM2~I&WqyRuFq`_%Ohcl1?nSkLeoP+al0WLxoT!PDx4LOhtd5{lR z;3^bAAzT9r6hSeRKq-_#IaEL;R6#Y=z;&pFI=BHhp&lBb5pKb4xC3|L9yGyyXod&y z5UB779s>f@jbTJ@6b}Krg(6K6nNFFaU!v1j8@_qwpHuz!;VlSnMVJ9$MueFVW=41$!Yl~0BFu&`JHi|Yb0W-zFgLA5tc!C2g3g$EQ_!l!tw|!AiNV{MTC_Q zRz_F_VO50H5Z;BbI>H(V6A{)#SPNlogmnqiCBM2WwI1u3=go6=2h8~8X!4+ObPe=D_ z&WkRXg+Q1k5(shx0)f)pAC2V5h5KzUO=)ve?VoO(K4-Y-7ofLNuSIhf=zpoYn-n=` zJ3^=7xA%aRa>n?`pGWyw1bWBU#L9(mLuUDGaTTZa#hZ^4)|Y=ylq7QQAosQIS2p_d zr9WWf`}c{0CC2`v@2rWsGt#6b4S(N(HBm$1VwqDlQ3ek7jt?u#GfUq(m6E;J{Ii4h zz0o+_72WD~GJ*H_(;SA;HL7y@aNhHkwo)8?p1dGFhqf#AZ05;qR4w4E&rCu zjuY#{7FX1Tf89wPD|dY`+3QIz)w6l;QXK5S+uAx&t1q42x3#$Se%wuK6Hjg)@(kmm znbp^|!kM#v!oF!NPbp?$^!as(m(xNoj?RwqmL=@-unu98y;8R;+bPBU5v8)t$tq@X zktlm^BYLIXVuyNKGADzfJp0ji!<5V2C;5Py@F6ScVkKJhCT9g4I!1FNdpMq`ysS8# zGqWN?&DWgXk?v$l4QeYpoFL?C!^uARl)iAWOHuWjVOi>^UUBc-Zb4%gu8zy30n1|J z^VZ^2myq&=OJcgoH>CpXWYtOObxq&9G@o`*@lK#GBuKcBEW>WotG)Fa zljPaFS+ML?b9D55Fa4j6X}Y_$pSI3vMza9U2b&g0Jp=RJ*?k|*Q`y(!Z0wUau;i6e ztrS~69&KV&R{2F`32@pS%&PWnGa&mvkK7?c?4Fft(V`JsXUY}2D}F1{>7U-g%2egn&6wFo zkn$kC`BYukl*psw?Ot&#-87nW&kq_?oy!M>fN-|JYHeprX6-7mD399w*dKRzhr6mh zMxtI6U;OPkMJu|fEG8t2T&u69o@ zWz0`m-C$b@cpG7FVbQR{nLEIZ5ky}iwCN=K)uJ$}jGa5AaflBs{t#iM( zB;N2^q23)Cd0#A4G}9)r#mbrZ>h9du$K&+-ub!dz;hWr;z3yUrG9~Wz-9&ziU^C_o z#(^MVo>evi!`+Yf1kDYuH&(A%H@==D#ebN8H6=7)n8E)^W@U1Fh&10gxrXhU_HZvb zng`FHYOh-`-GifexGOZGsVX0AkV#$?ZF=6YVXeO zSokeQD;p_MimZ)jCfO6|3dp-c$^!z$j*M?E+I*B0Dro#Hx?70l#Ezoo9G;g?EcpFo 
z1^bzYmLJtOd%RBh`f*8SXRCyr+_NJ|5vg~_*bRHN)on9~1x3nf?32H~1_*slAIo@S z*BITN@cHT3QOR_ksPKwQtuMc+zqOIvknj1zBY*!`s{XBt+jWGIg;byQl)v|#!z&ht zFMP1~zZ7sNIBX6PlB#s7?Zv=YlWv$-Twn>B0>H@=w~o#~W~ zeOKz*omnE#BUt}cs-gT-UM%@L*K#zIhx*8O+fjqN9G z7nTb~)?z)G7CHh;tuNZAk`vByRAno*g>Y~^@r|A2o$-woU*q(!I$wlo&Fi#j8qaWh zk(;8~$!8H(H5_q!_QrBWohRy$&wGsXoeN?)RlzYf8X?j$pLt<{Nh~|g_C_zG+Vm~w z*A@3QtWy~7yrso*<)I@l83m?JEJYG5yqRLj8v3Kj&7a-MU572An#gN>noj(3Q`m#S zuq|%#bCyuO$X$jzQ&)^7tY#Bb;}82&h@`juI=Qs#2T~29O>)KtF352Egp3_JC(Dw( zY+u4fR$x+d^xW^|OzG2-mK1a4-b+ z&R{1!Vdj2U$mJr^DN^!jF5?H2k6fg(;z zjZb$`UNf!jeZm-dZGGNIsABt?L@-m(ncF<$gwniJ1INwk)JU0{%#Y(IxCs{T>ooY=6m*q^KUf$#`9(A;r1=1~hh@4jx4tk|`9)pudizv7Jy+6v zJuB6h=n&q$+N|F?xBz95@J8i^2<|gk6F_&v9897d4p@?Y6+xZKVPod_>E4C9p zlRW>CquW`?Ke$rw8@rh^n-l6%Fx5uOF})M{SQ}ae<1R(@w_cQ5%{P zFTJz35Ue5}d_35!-%NIGZ&iMJwM4nD(ey)Ne^alllsJP^#fO`R1%$-kmn4nER(xYP zs+~u(yH#`Ao3NAGZ1$LOH|irDlSm6bQJ@zV^xQ`!Ej#aEQhZxqrQ?x}Yq_=x*6{;f zBit8WP54izG>Hch6-bxzSl@hHupP`fc*@t)FVDxCeM7rzoz~t+uF9sJ^V1q~6=Rvp z7NMjnFsFJ?4pU?3M&g*cPX82(iwHN5qn7ePqtBf#EBU=!D_9dW79!mjq(A38Pi! 
zx`EvsmmN?>!vohDGI8>xxIuG-gU@0;F&1s@XJXUMUW zO*afx`Mo<5cdISLk(Mqh$QNE^Cjsbl$n)m8YsJrC@T>P@sq5K zN+}WY)XV41=bZB&oE!J2=z1%s=pq3D8IZ#spa4ps0&1WETA%}ZU;sv7g1x{DEWiqE zzz!V130$xbxPb?Ffe-jW00cn@gh2#EK@7w}0wh5Sq(KH`K@RqVJSe~cI0%ZM1j?WS zs-Onya0oO&6AptGXoC*u!Vx$MdY}&mU6&Lm&jf1qg-^xCo(e3Buqq zghK>efvZ4-NFYHJL<2w!#KJX*gX<6vHvmHdB*INdf@Da6TW}jvAq~o4?J9v0veEW#2j!wP(cFYpys;TwF1HTVHPVI6+K25iD_*n(}?fj_VthcH5z z3}JGF_aIDxFeSoN2vZ|WgD@?^bO_TU%z!W>!b}M7MVJ|37KB+5W5mrH16=5}m)e$~~um-}K2p>jR3t?@9br9A?_z1#B5!ORkA7KN8 z4G}g%*cf3GgiR4PL)aW)3xq8ZwnEq%VH<>xA#98AafDAGY=^Kt!Y2_vg|Gv{rxA8U z*a_h?2suj9*KTnum2)boP zM<85MA`m1A1VY~Lp-?1A%sFLxVWyt>S-{AjYh~&SDX(l98y3~yVs~$`vD_X8VIdly zz0QPzYVp+FTz^7=BrRc4eaw|eAQ@;s^IvUg*RwJd3aV}Sg*uc(~^3T$ir^@v(ns^bGh1x z`k2FM*1H~o!toEv1Y;bDY}K-5Mr5ngg1x10Wys`@eXC1g6BGYYo2u4f*HrM@)?2*O zY(=bxGOV9|TfEso)L?;zeg9l|8>?$>#zu0kN~UYk^>~S|N)_~DVxIL!CX8q0x?IpmoHo+wszGe)s`t--ME}E&wxgE{%i7D*f zP?DlHRf}Y2vc2dYP-Z+oRDXUucVJ=Twn9{3vRZLqGIuxIC+qSW;*g2yp{N70A{XD& zW!4;Sy3i!v5mOsZJ=V#o0HuEnk7SRJB}uTU3=A{!@m*JYtg2!~6f-D?vBVgsp

B z9=2Bb-R-P7*Ek9Dk<rzF(R{;~7MLjl$A- zgEZf}-WS~$DfMps0FgE6VO+R)+uP0%<{SG$u@;PehirbYt&ZLp2Y<(1OQd79-m;*Q8Z50iy2%cq}W)sgeO__45wPiOe z^c>5k*r2SBB{rvJ+sz3eXTCHA!F*Q+zDfh~IA4A5sFK>dO9>vqZgB^-7$x)$?_Q)(a8n^zP_{5_5aC=^a`LFE8zK$@7-`1xXUeg9qOEid&=7hW!`a_70oAzzm6c1(O zdMmmyIZq#J)$09aY&vr_UMsah;!3|v8`0;{4h`Gsv6XP2s=M8Xr!8OK(4|f(tpx8; zI<2QvN-C_Bt96?;hA$XqyV zICeU$=5jrS^34L&7{_;s^gb@8&h?sv#mL&!=RK?!OlDLJr=s#VDc(l}R`CQA6^7wzmP<^0NX)HSaQyX@t(?KvBH zVYB}|;+K~kJdTx#r}I@}89!`pdhvQ+pNP$}sJ3%^7VP@v@rO=kjj~12A@4AARX6HT z+TQO+OvWb@y=(%9s3Tupq$<{yoH58|32BK9TrUiDi(g+0a*qvCddxd(>mZbI(rx3);;MrUVZm)Z4P7l>Dj((Q?Tr%gJw~fmD4lY{aMbqW zv|%~f9<%?dIHQMyt7)TGjKvhcPbL+})=W3-QEhGC8%@cNiCDCx_EnXLF=(LCQK7Pj2)IT=2+fzY(maQxvmgd?v{|mBvv^jCycd@SJ!`b z4#tkUVN@rn$*OLaGVM_}cv-66?X;XVI5KS+7y1BeYqh&N!Li64-#|_oT>VrvQS_v@FOwpdwU6Ynns)4j(K#h;~r)8=Ev?9kugZuM6a1RQ|9Y(o@OZ_H;NtP zJn~;2dqQpgDZYx0rK~PS&X%^sA{1Yr9~)_z%)b$A%wSLJ5Pd4pR4_>|M9W@t?-gD< z{jnkScdZppnPnP6KINuHEX)cc)i(RC9JDgtHB}6sJ&@N z&LawX*Aw%^>?OKscfyH&1jk~O!gk&yj8 zFJ8+&{%iN&6phNp1~Mp^*cq8ZZU)c?f1q(?N=VgL?RxQ($dWGWK0h?~ z6)F{qdiVOSK$y9R(HXOscMNKRNIGVy@VBHoMw3d^vf$bw);+{0hfD z8+Nmaq}iD#UA7OMjk`GatFjHwD$YHUsaw0_bdqa@hgef9QITn(x1jQaRLV=d=@vV{ zKcM?oF1o77Y0BZg)bu{l+rK|5)dmgtzHCCIKhhM06x%u<{(_CL?~J;Une5@W%1kT1 zl|A}8y#6hwYpYFaD9El_CT41)K(K19s!zIb+L??>Kc4?8s{Ap}vcpfH(6f6&%5cAT z?@NatJBj%8Z2N)dgkQAxKzHPIOE92MUC#lPlTbiIIs`p4>cvsk|iTjnFV z&ZGiA4=xuIj%@{=UnFxqCzDvdUjNDp%@de`Ckth6od0pZ_hoM%kq6#9M+RNRm$ zey1_6Be`~hCr8Pnto1hOX6#e{>;|JoOON;_2O5RTL~7AkeH*Kt9nzK)<4K39hfLB% zk4C(rN76bT2(ood8;(_-JEN?v(=8>k-FsEbx20yWR8HIKNSNe{FHSjjH$$)d5Ogh_ z?XJD4akOu5PiU!Tfy?CjN5g<0WpN`<$?to-SXE@uUz9a8z>c?+E{X?f#>JtjtBF}F zIt;XjHIKTU3gKe`@Tz8up=3R!f1SC2=RxbtV02UHues zYibwW%pnW-$N7H*{v+rg7yc3akC1;{L@haFp-5wp@&C_y-u&O2?ui`p%!fmfF_Ozm z|C{=M_vGI^zDG+k0Oe)>MLzHMcmSf$3mgeW{75)2>2K