51df5ad876
Added:
...
Sumo Logic CSE Rule Backend
Updated:
Mapping depence on logsource
Azure Sentinel Query Backend
MDATP: query with few logsources
CROWDSTRIKE: fix generateMapItemTypedNode
2020-10-06 15:07:52 +03:00
09378b5ebf
Fixed unsupported attempt to index a set
2020-06-28 00:27:33 +02:00
203aa192c7
Fix multiple references to default field mapping in same rule
...
If there is a default mapping specified for a fieldmapping and that field is
referenced multiple times in the rule, the default mapping will be "pop"ped
and return the unmapped key on subsequent uses.
Don't pop the value. Just return the first entry.
2020-06-18 13:01:31 -04:00
849a5a520d
Conditional field mapping resolve_fieldname now functional
...
Before this method just had some placeholder function that wasn't really
implementing the intended functionality of the conditional field
mapping. Now aggregations get also conditional field mapping
functionality.
2019-10-09 23:57:41 +02:00
eb022f3908
Conditional field mapping for null values
...
Fixes #326
2019-04-25 23:24:05 +02:00
4e83bfeb16
Fixed merge bugs
2019-01-14 22:54:26 +01:00
42ed8acec9
Improved test coverage
...
* Adding tests
* Removal of coverage measurement for debugging code
2018-11-04 23:28:40 +01:00
418f8d10a3
Wrap conditions generated by mappings into sub-expression
2018-11-04 23:00:04 +01:00
0e4842962b
Added tests
2018-11-04 22:16:20 +01:00
265ce115a0
Fixed conditional field mapping usage in mapping chains
2018-10-16 13:57:51 +02:00
2fbf17ff34
Addition and resolution of field mapping chains explicitely checks for list
2018-09-13 16:22:29 +02:00
41a8ef2fd9
Implemented resolve_fieldname in FieldMappingChain
2018-09-13 14:56:31 +02:00
1d7722c1cb
Added configuration and field mapping chains
...
Missing: field name mapping of log source conditions.
2018-08-27 00:17:27 +02:00
df74460629
Fixed imports after config split
2018-07-27 23:54:18 +02:00
096bc35447
Split config - code removal from mapping
2018-07-27 00:15:14 +02:00
4ffbb25960
Split config - Copy mapping
2018-07-27 00:13:19 +02:00
vh