AnalyticRules Entity Mapping Updates #9431

Merged 3 commits on Nov 21, 2023

ddamenova (Contributor)

Change(s):

  • Primarily breaking up Account entity mappings into AccountName and UPNSuffix
  • Getting rid of extraneous variable names for entity columns such as IP

Reason for Change(s):

  • Updating entity mapping for increased alert correlation

Version Updated:

  • yes

Testing Completed:

  • yes

Checked that the validations are passing and have addressed any issues that are present:

  • no

@ddamenova ddamenova requested review from a team as code owners November 21, 2023 03:02

Hello how are you I am GitHub bot
😀😀
I see that you changed templates under the detections/analytic rules folder. Did you remember to update the version of the templates you changed?
If not, and if you want customers to be aware that a new version of this template is available, please update the version property of the template you changed.

@ddamenova ddamenova self-assigned this Nov 21, 2023
@ddamenova ddamenova added the Detection (Detection specialty review needed) and CoreEntityFix (Improving entity correlation ability by implementing minimum entity mappings for Account, Host and IP) labels Nov 21, 2023

@shainw shainw left a comment

Looks good!!

@shainw shainw merged commit 9165da7 into master Nov 21, 2023
31 checks passed
@v-atulyadav v-atulyadav self-assigned this Nov 21, 2023
@v-atulyadav v-atulyadav added the Solution (Solution specialty review needed) label Nov 21, 2023