pC_sentinelonesingularitypjsonregistrycreatesuccessvaluecreate.md

Parser Content

{
Name = sentinelone-singularityp-json-registry-create-success-valuecreate
ParserVersion = "v1.0.0"
Conditions = [ """"dataSource.name":"SentinelOne"""", """"event.category":"registry"""", """"event.type":"Registry Value Create""""]
DupFields = [ "host->dest_host", "alert_name->event_name"]


}