This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
New SecOps Webinar May 14th! Learn about Gemini's generative AI within Google SecOps
Log in to ask a question

Redacted password in process command line

Posted on 07-23-2024 07:06 AM
phaubertin
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

Hi, I would like to know if Chronicle has capability to redact password while ingest data. We log Crowdstrike Falcon and notice that password are redacted in process command line. We would like to know if it's something the CrowdStrike done or It's Chronicle feature? 

If Chronicle are not doing it, can it be something that we could do at the ingestion level?

Best regards, 

 

Solved Solved
1 5 335
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
Rene_Figueroa
Staff
In response to phaubertin
Reply posted on --/--/---- --:-- AM

Unfortunately, neither the forwarder or parsers can modify the actual raw logs. The parsers only control what is mapped to the UDM events, but do not modify the actual raw log source.

View solution in original post

Jump to Solution
0 Likes
5 REPLIES 5
Top Solution Authors
View all