{"ID":"32b67ce6-4fe7-f766-3f71-fb701b5fffc1","Version":21,"CreatedAt":1780670851740,"Description":"[OOTB] Microsoft Products for KUMA 3\r\n\u003chtml lang=\"en\"\u003e\r\n\u003cbody\u003e\r\n\r\n  \u003cp\u003e\r\n    Пакет содержит нормализатор событий для продуктов компании Microsoft для KUMA 3 и дополнительные ресурсы, используемые для обогащения событий.\u003cbr\u003e\r\n\tНормализатор поддерживает обработку некоторых типов событий в формате xml от следующих продуктов Microsoft:\r\n\t\u003cul\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - Security log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - System log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Network Policy Server\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - PowerShell - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows PowerShell\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Sysmon\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows Remote Desktop Services\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Defender\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Active Directory Federation Service (AD FS)\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Active Directory Domain Service\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Hyper-V\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft SQL Server\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Skype for business - Lync Server log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - System log - Service Control Manager\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - DNS-Server – Audit\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft – Windows - Group Policy - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Installer (MSI Installer)\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - TaskScheduler - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - AppLocker\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - WinRM - Operational\u003c/li\u003e\r\n\t\u003c/ul\u003e\r\n  \u003c/p\u003e\r\n\r\n  \u003cp\u003e\r\n\tThis package contains normalizer for events produced by Microsoft products for KUMA 3  and additional resources that used for event enrichment.\u003cbr\u003e\r\n\tThe normalizer supports processing of some event types in the xml format for the following Microsoft products:\r\n\t\u003cul\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - Security log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - System log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Network Policy Server\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - PowerShell - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows PowerShell\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Sysmon\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows Remote Desktop Services\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Defender\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Active Directory Federation Service (AD FS)\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Active Directory Domain Service (AD DS)\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Hyper-V\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft SQL Server\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Skype for business - Lync Server log\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Windows - System log - Service Control Manager\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - DNS-Server – Audit\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft – Windows - Group Policy - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft Installer (MSI Installer)\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - TaskScheduler - Operational\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - AppLocker\u003c/li\u003e\r\n\t\t\u003cli\u003eMicrosoft - Windows - WinRM - Operational\u003c/li\u003e\r\n\t\u003c/ul\u003e\r\n  \u003c/p\u003e\r\n\r\n\u003c/body\u003e\r\n\u003c/html\u003e","Language":"en","ResourceIDs":["91c3b6b7-7bf3-483b-bbf5-6e998d5d748b","7bec5db7-c0d2-4ed9-8ad5-ac4af3fc6fdf","7f77aec8-8747-4800-93c2-4c393410830f","74dabe56-c51e-4ba5-b524-7c160dcd11fe","f2b2e350-8d17-415d-9ef1-f5b332df2e25","f36028f0-9b40-40bc-82f8-3a9c500abb80","2b58e92a-2b60-4a7a-a471-a3113f2aa74a","009cc9e1-218a-4b5b-8130-cab85ea9e8f9","25a9c9cf-9b2d-4c75-a24d-8d40f500b093","c4331855-e67f-4f22-9104-96b4ac9fa0e7","180e8fcf-c2bc-4ad5-98a3-3c80976400cb","12af8d0e-bdc6-4533-b6ea-135ea30868e0","8915fa7d-6ac3-4320-a653-ad3666596706","2d991758-51fd-4707-a27c-c2bba4ab94d2","cd033aa8-2260-4a78-8d1f-bbb5f014cbae","162fc077-3000-4504-8596-228f35c4c1ba","074ee623-4c1c-4fb0-8bf2-40ae90cf43c6","768a68ad-d0c6-4337-93ab-a47d54766dd1"],"Emergency":false}