Module Log

Normalize module logs in Genian EDR.

| Type | Field | Display Name |
|---|---|---|
| DATE | _time | Time |
| STRING | event_type | Event type |
| STRING | event_subtype | Event subtype |
| INT | important | Important level |
| IP | host_ip | Host IP |
| STRING | nt_domain | NT domain |
| STRING | hostname | Hostname |
| STRING | image | Process name |
| STRING | image_path | Process path |
| STRING | file_name | File name |
| STRING | file_type | File type |
| STRING | file_ext | File extension |
| STRING | file_path | File path |
| STRING | md5 | MD5 |
| STRING | sha256 | SHA256 |
| STRING | logon_id | Logon ID |
| INT | pid | PID |
| STRING | pguid | Process GUID |
| STRING | device_id | Device ID |
| LONG | event_seq | Event sequence |