Skip to content

Commit

Permalink
Merge pull request #2021 from SEKOIA-IO/doc/edr_agent_update
Browse files Browse the repository at this point in the history
Fix doc for discovery rule
  • Loading branch information
Sengthay authored Sep 20, 2024
2 parents 0bb6d11 + 499eda8 commit 30a324a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/xdr/features/collect/assets.md
Original file line number Diff line number Diff line change
Expand Up @@ -152,7 +152,7 @@ This rule enriches an existing asset with an `os` contextual property. This prop

**Set the Contextual Property `edr_agent_id` to Host**

This rule enriches an existing asset with the `edr_agent_id` contextual property (for example `sentinelone_agent_id`). This property is extracted from the values of `agent.id` and `agent.type`.
This rule enriches an existing asset with the `edr_agent_id` contextual property (for example `sentinelone_agent_id`). This property is extracted from the value of `agent.id`.

Note that this rule only applies to assets of `Host` category and that a single host can have multiple EDR agent IDs.

Expand Down

0 comments on commit 30a324a

Please sign in to comment.