title: StreamAlert field mapping, outputs, publishers and tags
order: 20
backends:
    - streamalert
tags: ["upper"]
outputs: ["test_output"]
publishers: [test_publisher]
fieldmappings:
    AccountName: USERNAME
    CommandLine: COMMAND_LINE
    ComputerName: HOSTNAME
    CurrentDirectory: PROCESS_PATH
    Description: DESCRIPTION
    DestinationHostname: DST_HOSTNAME
    DestinationIp: DST_IP
    DestinationIsIpv6: DST_IPV6
    DestinationPort: DST_PORT
    Image: PROCESS_NAME
    ImageLoaded: PROCESS_LOADED
    ImagePath: PROCESS_PATH
    ParentProcessName: PARENT_NAME
    ParentImage: PARENT_NAME
    Path: PROCESS_PATH
    ProcessCommandLine: cmdline
    ProcessName: PROCESS_NAME
    SourceIp: SRC_IP
    DestinationAddress: DST_IP
    DestPort: DST_PORT
    TargetObject: DST_NAME
    TargetFilename: DST_NAME
    SourceImage: PARENT_NAME
    TargetImage: DST_NAME
    NewProcessName: DST_NAME
    Product: PRODUCT_NAME
    Signature: SIGNATURE
    User: USERNAME
    EventID: EVENT_ID