Mappings: Sysdig Scanning JSON
| Input | Value |
|---|---|
| Vendor | Sysdig |
| Product | Sysdig |
| Log Format | JSON |
| Event ID Regex Pattern | hostscanning |
| Output | Value |
|---|---|
| Vendor | Sysdig |
| Product | Sysdig |
| Record Type | NotificationVulnerability |
| Cloud SIEM Schema Field | Original Record Key | Notes |
|---|---|---|
| action | name | |
| description | category | |
| device_container_id | containerId | |
| device_hostname | content.hostname | |
| device_mac | labels.host.mac | |
| device_osName | labels.host.os.name | |
| normalizedSeverity | severity | This is a lookup field. More info to come in the catalog later... |
| severity | severity |