output_file.json
{"Oracle Cloud Infrastructure": {"provider": "Oracle Cloud Infrastructure", "providerType": "CSP", "providerId": "1", "source": {"Cloud Guard": {"sourceName": "Cloud Guard", "sourceId": "None", "alerts": {"__default__": {"alertMapping": {"provider.accountId": {"path": "data.additionalDetails.tenantId", "entityType": "string", "mappedValue": false, "value": ""}, "event.guid": {"path": "data.resourceId", "entityType": "string", "mappedValue": false, "value": ""}, "event.name": {"path": "data.additionalDetails.problemName", "entityType": "string", "mappedValue": false, "value": ""}, "event.shortDescription": {"path": "data.additionalDetails.problemDescription", "entityType": "string", "mappedValue": false, "value": ""}, "event.startTime": {"path": "data.additionalDetails.firstDetected", "entityType": "datetime", "mappedValue": false, "value": ""}, "event.severity": {"path": "data.additionalDetails.riskLevel", "entityType": "string", "mappedValue": false, "value": ""}, "event.status": {"path": "data.additionalDetails.status", "entityType": "string", "mappedValue": false, "value": ""}, "resource.identifier": {"path": "data.additionalDetails.resourceId", "entityType": "orclResourceId", "mappedValue": false, "value": ""}, "resource.type": {"path": "data.additionalDetails.resourceType", "entityType": "string", "mappedValue": false, "value": ""}, "resource.name": {"path": "data.additionalDetails.resourceName", "entityType": "string", "mappedValue": false, "value": ""}, "resource.region": {"path": "data.additionalDetails.region", "entityType": "string", "mappedValue": false, "value": ""}, "resource.zone": {"path": "data.compartmentName", "entityType": "string", "mappedValue": false, "value": ""}}}, "BUCKET_IS_PUBLIC": {"alertMapping": {"event.recommendation": {"path": "data.additionalDetails.problemRecommendation", "entityType": "string", "mappedValue": false, "value": ""}}}, "SUSPICIOUS_IP_ACTIVITY": {"alertMapping": {"event.geolocation.ipv4": {"path": 
"data.additionalDetails.impactedResourceId", "entityType": "", "mappedValue": false, "value": ""}, "event.actor": {"path": "data.additionalDetails.resourceName", "entityType": "", "mappedValue": false, "value": ""}}}, "VCN_DHCP_OPTION_CHANGED": {"alertMapping": {"event.actor": {"path": "data.additionalDetails.resourceName", "entityType": "", "mappedValue": false, "value": ""}}}}}}}, "Azure": {"provider": "Azure", "providerType": "CSP", "providerId": "2", "source": {"Defender": {"sourceName": "Defender", "sourceId": "None", "alerts": {"__default__": {"alertMapping": {"provider.accountId": {"path": "properties.subscriptionId", "entityType": "string", "mappedValue": false, "value": ""}, "event.guid": {"path": "id", "entityType": "string", "mappedValue": false, "value": ""}, "event.name": {"path": "properties.alertName", "entityType": "string", "mappedValue": false, "value": ""}, "event.shortDescription": {"path": "properties.alertDisplayName", "entityType": "string", "mappedValue": false, "value": ""}, "event.longDescription": {"path": "properties.description", "entityType": "string", "mappedValue": false, "value": ""}, "event.startTime": {"path": "properties.detectedTimeUtc", "entityType": "string", "mappedValue": false, "value": ""}, "event.status": {"path": "properties.state", "entityType": "string", "mappedValue": false, "value": ""}, "resource.identifier": {"path": "properties.associatedResource", "entityType": "string", "mappedValue": false, "value": ""}, "resource.type": {"path": "properties.extendedProperties.resourceType", "entityType": "string", "mappedValue": false, "value": ""}, "event.geolocation.ipv4": {"path": "properties.extendedProperties.client IP address", "entityType": "", "mappedValue": false, "value": ""}, "event.actor": {"path": "properties.extendedProperties.client principal name", "entityType": "", "mappedValue": false, "value": ""}, "event.severity": {"path": "properties.reportedSeverity", "entityType": "", "mappedValue": false, "value": 
""}}}}}}}, "Aquasec": {"provider": "Aquasec", "providerType": "CSPM", "providerId": "3", "source": {"Aqua": {"sourceName": "Aqua", "sourceId": "None", "alerts": {"__default__": {"alertMapping": {"event.name": {"path": "data.control", "entityType": "string", "mappedValue": false, "value": ""}, "event.guid": {"path": "id", "entityType": "string", "mappedValue": false, "value": ""}, "event.shortDescription": {"path": "data.reason", "entityType": "string", "mappedValue": false, "value": ""}, "event.startTime": {"path": "data.time", "entityType": "string", "mappedValue": false, "value": ""}, "event.severity": {"path": "", "entityType": "string", "mappedValue": true, "value": "High"}, "resource.identifier": {"path": "containerid", "entityType": "string", "mappedValue": false, "value": ""}, "resource.type": {"path": "type", "entityType": "string", "mappedValue": false, "value": ""}, "resource.name": {"path": "data.container", "entityType": "string", "mappedValue": false, "value": ""}, "resource.region": {"path": "data.vm_location", "entityType": "string", "mappedValue": false, "value": ""}}}}}}}, "Amazon Web Services": {"provider": "Amazon Web Services", "providerType": "CSP", "providerId": "4", "source": {"GuardDuty": {"sourceName": "GuardDuty", "sourceId": "None", "alerts": {"__default__": {"alertMapping": {"provider.accountId": {"path": "AccountId", "entityType": "string", "mappedValue": false, "value": ""}, "event.guid": {"path": "Arn", "entityType": "string", "mappedValue": false, "value": ""}, "event.actor": {"path": "Resource.AccessKeyDetails.GeneratedFindingUserName", "entityType": "string", "mappedValue": false, "value": ""}, "event.startTime": {"path": "CreatedAt", "entityType": "", "mappedValue": false, "value": ""}, "resource.identifier": {"path": "Resource.AccessKeyDetails.GeneratedFindingPrincipalId", "entityType": "", "mappedValue": false, "value": ""}, "event.shortDescription": {"path": "Description", "entityType": "", "mappedValue": false, "value": ""}, 
"event.name": {"path": "Title", "entityType": "", "mappedValue": false, "value": ""}}}}}}}}