Mappings: Tanium Reputation Event
Input | Value |
---|---|
Vendor | tanium |
Product | tanium |
Log Format | JSON |
Event ID Regex Pattern | reputation |
Output | Value |
---|---|
Vendor | Tanium |
Product | Tanium Core |
Record Type | Endpoint |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
description | Intel Name | |
device_hostname | Computer Name | |
device_ip | Computer IP | |
file_hash_md5 | Match Details.match.properties.md5 | |
file_hash_sha1 | Match Details.match.properties.sha1 | |
file_hash_sha256 | Match Details.match.properties.sha256 | |
file_path | Match Details.match.properties.fullpath | |
threat_name | Intel Labels | |
timestamp | Timestamp | We expect the orginal record value of Timestamp is in the format yyyy-MM-dd'T'HH:mm:ss.SSSZ |