Mappings: CrowdStrike FDR - NetworkConnectIP6
| Input | Value |
|---|---|
| Vendor | CrowdStrike |
| Product | FDR |
| Log Format | JSON |
| Event ID Regex Pattern | NetworkConnectIP6 |
| Output | Value |
|---|---|
| Vendor | CrowdStrike |
| Product | FDR |
| Record Type | Network |
| Cloud SIEM Schema Field | Original Record Key | Notes |
|---|---|---|
| device_hostname | aid | |
| device_ip | aip | |
| device_uniqueId | aid | |
| dstDevice_ip | dstIP | |
| dstPort | dstPort | |
| ipProtocol | Protocol | This is a lookup field. More info to come in the catalog later... |
| severity | severity | |
| srcDevice_ip | srcIP | |
| srcPort | srcPort |