New mappings; Fix mappings; XQL suport datamodel + (preset, dataset)

uncoder-core/app/translator/mappings/platforms/athena/aws_cloudtrail.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: aws_cloudtrail
-description: Text that describe current mapping
+
 
 log_source:
   table:

uncoder-core/app/translator/mappings/platforms/athena/default.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: default
-description: Text that describe current mapping
+
 
 
 default_log_source:

uncoder-core/app/translator/mappings/platforms/athena/linux_file_event.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: linux_file_event
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/linux_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: linux_process_creation
-description: Text that describe current mapping
+
 
 
 default_log_source:

uncoder-core/app/translator/mappings/platforms/athena/macos_file_event.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: macos_file_event
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/macos_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: macos_process_creation
-description: Text that describe current mapping
+
 
 
 default_log_source:

uncoder-core/app/translator/mappings/platforms/athena/windows_file_event.yml

@@ -1,6 +1,6 @@
 platform: Microsoft Sentinel
 source: windows_file_event
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/windows_image_load.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: windows_image_load
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/windows_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: windows_process_creation
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/windows_registry_event.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: windows_registry_event
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/athena/windows_security.yml

@@ -1,6 +1,6 @@
 platform: Athena
 source: windows_security
-description: Text that describe current mapping
+
 
 default_log_source:
   table: eventlog

uncoder-core/app/translator/mappings/platforms/chronicle/default.yml

@@ -1,3 +1,2 @@
 platform: Chronicle
 source: default
-description: Text that describe current mapping

uncoder-core/app/translator/mappings/platforms/chronicle/windows_create_remote_thread.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_create_remote_thread
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_dns_query.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_dns_query
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_file_event.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_file_event
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_image_load.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_image_load
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_network_connection.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_network_connection
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_pipe_created.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_pipe_created
-description: Text that describe current mapping
+
 
 field_mapping:
   PipeName: target.resource.name

uncoder-core/app/translator/mappings/platforms/chronicle/windows_process_access.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_process_access
-description: Text that describe current mapping
+
 
 field_mapping:
   TargetImage: target.process.file.full_path

uncoder-core/app/translator/mappings/platforms/chronicle/windows_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_process_creation
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_registry_event.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_registry_event
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_security.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_security
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/chronicle/windows_sysmon.yml

@@ -1,6 +1,6 @@
 platform: Chronicle
 source: windows_sysmon
-description: Text that describe current mapping
+
 
 
 field_mapping:

uncoder-core/app/translator/mappings/platforms/crowdstrike/default.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: default
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName:

uncoder-core/app/translator/mappings/platforms/crowdstrike/linux_dns_query.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: linux_dns_query
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [DnsRequest]

uncoder-core/app/translator/mappings/platforms/crowdstrike/linux_network_connection.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: linux_network_connection
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [NetworkConnectIP4]

uncoder-core/app/translator/mappings/platforms/crowdstrike/linux_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: linux_process_creation
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [ProcessRollup2]

uncoder-core/app/translator/mappings/platforms/crowdstrike/macos_dns_query.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: macos_dns_query
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [DnsRequest]

uncoder-core/app/translator/mappings/platforms/crowdstrike/macos_network_connection.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: macos_network_connection
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [NetworkConnectIP4]

uncoder-core/app/translator/mappings/platforms/crowdstrike/macos_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: macos_process_creation
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [ProcessRollup2]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_dns_query.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_dns_query
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [DnsRequest]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_driver_load.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_driver_load
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [DriverLoad]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_image_load.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_image_load
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [LoadImage]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_network_connection.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_network_connection
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [NetworkConnectIP4]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_process_creation.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_process_creation
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [ProcessRollup2]

uncoder-core/app/translator/mappings/platforms/crowdstrike/windows_registry_event.yml

@@ -1,6 +1,6 @@
 platform: Crowdstrike
 source: windows_registry_event
-description: Text that describe current mapping
+
 
 log_source:
   event_simpleName: [RegistryOperationDetectInfo]

uncoder-core/app/translator/mappings/platforms/elasticsearch/aws_cloudtrail.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: aws_cloudtrail
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/aws_eks.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: aws_eks
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_AzureDiagnostics.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_AzureDiagnostics
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_BehaviorAnalytics.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_BehaviorAnalytics
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_aadnoninteractiveusersigninlogs.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_aadnoninteractiveusersigninlogs
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_azureactivity.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_azureactivity
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_azuread.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_azuread
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_m365.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_m365
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/azure_signinlogs.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: azure_signinlogs
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/default.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: default
-description: Text that describe current mapping
+
 
 default_log_source:
   index: "*"

uncoder-core/app/translator/mappings/platforms/elasticsearch/dns.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: dns
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/firewall.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: firewall
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/gcp_gcp.audit.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: gcp_gcp.audit
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]

uncoder-core/app/translator/mappings/platforms/elasticsearch/gcp_pubsub.yml

@@ -1,6 +1,6 @@
 platform: ElasticSearch
 source: gcp_pubsub
-description: Text that describe current mapping
+
 
 log_source:
   index: [logs-*]