Change log for TRELLIX_HX_ALERTS
| Date | Changes |
|---|---|
| 2025-11-14 | Enhancement:
- Added mappings to `network` from same values used in `target.network`. |
| 2025-09-18 | Enhancement:
- Added mapping to `target.registry.registry_value_type` for registry events. - Added mapping to `target.hostname` for dnsLookupEvent events. |
| 2025-07-21 | Enhancement:
- Added mapping to `target.process.parent_process` to `processEvent` events. |
| 2025-07-19 | Enhancement:
- Correctly map target.port for urlMonitorEvent events. - Remove hostname from target.url for urlMonitorEvent events. The hostname is already present in target.hostname and may give the impression that the URL is fully qualified. |
| 2025-05-06 | Populate target.labels "Device Path" for imageLoadEvent events. |
| 2025-05-01 | Populate target.labels "Registry value base64" for regKeyEvent events. In target.registry.registry_value_data, use regKeyEvent/value if regKeyEvent/text is not set. |
| 2025-03-31 | Fix unparsed logs when event_values.__parentProcess is not set. |
| 2025-03-26 | Add fallback mappings to multi_indicator for IOC security results when indicator field is not preset. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-26 | Mappings for regKeyEvent IOC event type. |
| 2025-02-20 | Initial mappings for TRELLIX_HX_ALERTS logtype. |
| 2025-02-20 | Initial mappings for TRELLIX_HX_ALERTS logtype. |