Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address gaps in Process Activity and Memory Activity wrt process injection. #1060

Merged
merged 3 commits into from
Apr 24, 2024
Merged

Address gaps in Process Activity and Memory Activity wrt process injection. #1060

merged 3 commits into from
Apr 24, 2024

Conversation

davemcatcisco
Copy link
Contributor

Related Issue:

#1041: Process Activity and Memory Activity cannot adequately describe common injection-related behaviours

Description of changes:

  • Added entry to injection_type_id enum in dictionary.json to cover queueing of an asynchronous procedure call (APC).
  • Added entry to activity_id enum in events/system/memory.json to cover mapping of shared memory object.

@davemcatcisco
Copy link
Contributor Author

This PR replaces #1042 which had targetted the now released 1.2.0 branch. Otherwise unchanged.

@davemcatcisco
Copy link
Contributor Author

@pagbabian-splunk - If you could re-approve this copy of the original PR I would appreciate it. I'd also appreciate your guidance on how best to engage other code owners.

@davemcatcisco davemcatcisco marked this pull request as ready for review April 23, 2024 16:36
@davemcatcisco davemcatcisco mentioned this pull request Apr 23, 2024
Closed
floydtree
floydtree requested changes Apr 23, 2024
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
mikeradka
mikeradka approved these changes Apr 24, 2024
View reviewed changes
Copy link
Contributor

@mikeradka mikeradka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great

@mikeradka mikeradka merged commit e093f0c into ocsf:main Apr 24, 2024
2 checks passed
@davemcatcisco
Copy link
Contributor Author

Thanks, all.

@davemcatcisco davemcatcisco mentioned this pull request Apr 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mikeradka mikeradka mikeradka approved these changes

@floydtree floydtree floydtree approved these changes

@zschmerber zschmerber zschmerber approved these changes

@pagbabian-splunk pagbabian-splunk Awaiting requested review from pagbabian-splunk pagbabian-splunk is a code owner

@Aniak5 Aniak5 Awaiting requested review from Aniak5 Aniak5 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@davemcatcisco @zschmerber @floydtree @mikeradka