Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ASimFileEventMicrosoftSysmon.yaml-27 #10605

Merged
merged 17 commits into from
Jul 30, 2024
Merged

ASimFileEventMicrosoftSysmon.yaml-27 #10605

merged 17 commits into from
Jul 30, 2024

Conversation

Alekhya0824
Copy link
Contributor

Required items, please complete

Change(s):

  • Created a new file for WindowsEvent and added WindowsEvent parser in it. In Event file removed WindowsEvent parser and in ASimFileEvent added WindowsEvent Parser name and same changes have done for vim as well.

Reason for Change(s):

  • To Split the WindowsEven and Event parser separately

Version Updated:

  • yes

Testing Completed:

  • yes

Checked that the validations are passing and have addressed any issues that are present:

  • yes

@Alekhya0824 Alekhya0824 requested review from a team as code owners June 6, 2024 10:21
@contentautomationbot ContentAutomationBot
Copy link

ASIM parsers have been changed. ARM templates were regenerated from the updated KQL function YAML files.
To find the new ARM templates, pull your branch.

@v-atulyadav
Copy link
Contributor

Hi @Alekhya0824,
Please check below failed KQL validation. Thanks
image

@v-atulyadav
Copy link
Contributor

Hi @Alekhya0824,
Validations failing please check. Thanks

@contentautomationbot ContentAutomationBot
Copy link

ASIM parsers have been changed. ARM templates were regenerated from the updated KQL function YAML files.
To find the new ARM templates, pull your branch.

vakohl
vakohl requested changes Jul 17, 2024
View reviewed changes
Parsers/ASimFileEvent/Parsers/ASimFileEventMicrosoftSysmon.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/ASimFileEventMicrosoftSysmonWindowsEvent.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/vimFileEventMicrosoftSysmon.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/vimFileEventMicrosoftSysmonWindowsEvent.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/ASimFileEventMicrosoftSysmon.yaml Show resolved Hide resolved
Parsers/ASimFileEvent/test/Microsoft_Sysmon_Windows_Even_VimFileEvent_DataTest.csv Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/ASimFileEventMicrosoftSysmon.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/ASimFileEventMicrosoftSysmonWindowsEvent.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/vimFileEventMicrosoftSysmon.yaml Outdated Show resolved Hide resolved
Parsers/ASimFileEvent/Parsers/vimFileEventMicrosoftSysmonWindowsEvent.yaml Outdated Show resolved Hide resolved
@contentautomationbot ContentAutomationBot
Copy link

ASIM parsers have been changed. ARM templates were regenerated from the updated KQL function YAML files.
To find the new ARM templates, pull your branch.

@contentautomationbot ContentAutomationBot
Copy link

ASIM parsers have been changed. ARM templates were regenerated from the updated KQL function YAML files.
To find the new ARM templates, pull your branch.

@v-atulyadav
Copy link
Contributor

Hi @Alekhya0824,
Please work on open comment. Thanks

@contentautomationbot ContentAutomationBot
Copy link

ASIM parsers have been changed. ARM templates were regenerated from the updated KQL function YAML files.
To find the new ARM templates, pull your branch.

@v-atulyadav v-atulyadav merged commit 39b4bfb into master Jul 30, 2024
28 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@v-atulyadav v-atulyadav v-atulyadav approved these changes

@vakohl vakohl vakohl approved these changes

Assignees

@vakohl vakohl

@v-atulyadav v-atulyadav

Labels
ASIM
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Alekhya0824 @v-atulyadav @vakohl