fix(PaloAlto): add a missing smart-description

HarishHary · Jun 4, 2024 · 32583ca · 32583ca
1 parent 98a9722
commit 32583ca
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/Palo Alto Networks/paloalto-ngfw/_meta/smart-descriptions.json b/Palo Alto Networks/paloalto-ngfw/_meta/smart-descriptions.json
@@ -155,6 +155,28 @@
       }
     ]
   },
+  {
+    "value": "{event.action} threat between {source.nat.ip} and {destination.nat.ip}",
+    "conditions": [
+      {
+        "field": "log.logger",
+        "value": "threat"
+      },
+      {
+        "field": "source.nat.ip"
+      },
+      {
+        "field": "destination.nat.ip"
+      }
+    ],
+    "relationships": [
+      {
+        "source": "source.ip",
+        "target": "destination.ip",
+        "type": "connected to"
+      }
+    ]
+  },
   {
     "value": "{log.logger} type {paloalto.PanOSThreatID} detected from {source.ip} user {user.name} to {destination.ip}:{destination.port} targeting host {host.name}",
     "conditions": [