Sentinel provides the ability to use mapping to inject additional information into events. This increases Sentinel’s ability to analyze events, execute correlation rules, or provide detailed reports.
Overview
Default Maps
Accessing Map Definitions
Adding Map Definitions
Adding a Number Range Map Definition
Updating Map Data
Using Maps for Event Configuration
Renaming Event Fields