Skip to content

QRadar flow support
Compare
Choose a tag to compare
@delliott90 delliott90 released this 14 Feb 16:30
2.10.0
c16257c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

This release adds support for QRadar flows for converting STIX patterns to native data source queries and converting data source results into STIX. Connectors that use multiple from-STIX mapping files now use "dialects" to indicate the different data types used by the data source (ie. Qradar events and flows). Any connectors that used more than one from_stix_map JSON have now been reworked to use dialects for find the appropriate mapping files.

Assets 2
Loading