thomaspatzke
commented
7 months ago Yes, you can define your custom processing pipeline in YAML format and use them. Non-standard mappings are not intended to be added to the packaged processing pipelines as they are specific to an environment.
Hi there !
Is there any possibilities to add custom k/v for cim mapping (ex : ProcessName for splunk_sysmon_process_creation_cim_mapping) without touching your code ? Perhaps through Processing Pipelines ? Or do you prefer a pull requests with new data_model mapping ?
Thanks in advance,
See you !