Guides

SentinelOne Cloud Funnel

Suggest Edits
// Description:
// Default system Syslog event passthrough

// Data input format: ({ obj, size }) or ( doc )
function main({obj, size}) {
    //
    if(!obj["@timestamp"]){
        let t = new Time()
        obj["@timestamp"] = t.UnixMilli()
    }
    obj["@type"] = "event"
    obj["@parser"] = "fpl"
    return "pass"
}

Updated about 1 year ago