Mappings: FireEye hx Malware Scan

Input | Value |
---|---|
Vendor | fireeye |
Product | hx |
Log Format | CEF |
Event ID Regex Pattern | Malware Scan |

Output | Value |
---|---|
Vendor | FireEye |
Product | Endpoint Security |
Record Type | Endpoint |

Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
action | act | |
description | msg | |
device_hostname | dhost | |
device_ip | dst | |
timestamp | rt | We expect the original record value of rt to be in the format MMM dd yyyy HH:mm:ss zzz |
user_username | suser | |