Merge pull request #3056 from maximelb/OriginalFilename-case

Support alternate case for OriginalFileName.
2022-05-30 06:51:08 +02:00
parent 6e41ecdaaf 3fdaf8b9f1
commit c2e5ca2f12
1 changed files with 2 additions and 0 deletions
@@ -126,6 +126,7 @@ _allFieldMappings = {
                "ParentCommandLine": "event/PARENT/COMMAND_LINE",
                "User": "event/USER_NAME",
                "OriginalFileName": "event/ORIGINAL_FILE_NAME",
+                "OriginalFilename": "event/ORIGINAL_FILE_NAME",
                # Custom field names coming from somewhere unknown.
                "NewProcessName": "event/FILE_PATH",
                "ProcessCommandLine": "event/COMMAND_LINE",
@@ -237,6 +238,7 @@ _allFieldMappings = {
                "ParentCommandLine": "event/PARENT/COMMAND_LINE",
                "User": "event/USER_NAME",
                "OriginalFileName": "event/ORIGINAL_FILE_NAME",
+                "OriginalFilename": "event/ORIGINAL_FILE_NAME",
                # Custom field names coming from somewhere unknown.
                "NewProcessName": "event/FILE_PATH",
                "ProcessCommandLine": "event/COMMAND_LINE",