Link Search Menu Expand Document

Office365_ApplicationId_Translate

ID: 101843

Description:

Processor to translate Application IDs for commonly used Microsoft applications (@fields.ApplicationId)

Repository: Group: Office365 Type: event

Default Status:

Enabled

Tags:
 

Selector:

Query:

Filters:

Field MUST hit
@sender office365
@fields.ApplicationId exist (boolean)
Field MUST NOT hit
   

History:

User Date
ho*d@fluencysecurity.com 2022 Mar 31 00:11:17 EDT

This page was automatically created/formatted on Wed, 2022 May 4 21:43:53 EDT, from rule_dump.json (4d88bffdfb1cea26b3985f2193033606)