Add the last missing

2021-07-07 09:10:50 +02:00
parent e76f30d59c
commit 5c9ca35bb6
2 changed files with 8 additions and 14 deletions
@@ -263,10 +263,7 @@ fieldmappings:
    SubjectLogonId: winlog.event_data.SubjectLogonId
    TargetFileName: file.path
    TargetProcessAddress: winlog.event_data.TargetProcessAddress
-    # SourceNetworkAddress
-    # SourceUserName
-    # SourceWorkstation
-    # TargetLogonId
-    # TaskName
-    # UserName
-    # Workstation  
+    TargetLogonId: winlog.event_data.TargetLogonId
+    TaskName: winlog.event_data.TaskName
+    UserName: winlog.event_data.UserName # smbclient-security  eventid:31017
+    Workstation : winlog.event_data.Workstation
@@ -242,10 +242,7 @@ fieldmappings:
    SubjectLogonId: winlog.event_data.SubjectLogonId
    TargetFileName: winlog.event_data.TargetFilename
    TargetProcessAddress: winlog.event_data.TargetProcessAddress
-    # SourceNetworkAddress
-    # SourceUserName
-    # SourceWorkstation
-    # TargetLogonId
-    # TaskName
-    # UserName
-    # Workstation  
+    TargetLogonId: winlog.event_data.TargetLogonId
+    TaskName: winlog.event_data.TaskName
+    UserName: winlog.event_data.UserName # smbclient-security  eventid:31017
+    Workstation : winlog.event_data.Workstation