Merge branch 'develop' into remote_emp_fraud

pyth0n1c · web-flow · commit 97ba77f6e069 · 2025-06-13T09:06:34.000-07:00
diff --git a/contentctl.yml b/contentctl.yml
@@ -83,9 +83,9 @@ apps:
 - uid: 5579
   title: Splunk Add-on for CrowdStrike FDR
   appid: Splunk_TA_CrowdStrike_FDR
-  version: 2.0.3
+  version: 2.0.5
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-crowdstrike-fdr_203.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-crowdstrike-fdr_205.tgz
 - uid: 3185
   title: Splunk Add-on for Microsoft IIS
   appid: SPLUNK_TA_FOR_IIS
diff --git a/data_sources/crowdstrike_processrollup2.yml b/data_sources/crowdstrike_processrollup2.yml
@@ -19,7 +19,7 @@ separator_value: ProcessRollup2
 supported_TA:
 - name: Splunk Add-on for CrowdStrike FDR
   url: https://splunkbase.splunk.com/app/5579
-  version: 2.0.4
+  version: 2.0.5
 fields:
 - AuthenticationId
 - AuthenticationId_meaning
@@ -100,26 +100,26 @@ fields:
 - user_id
 - vendor_product
 output_fields:
-  - action 
-  - dest 
-  - original_file_name 
-  - parent_process 
-  - parent_process_exec 
-  - parent_process_guid 
-  - parent_process_id 
-  - parent_process_name 
-  - parent_process_path 
-  - process 
-  - process_exec 
-  - process_guid 
-  - process_hash 
-  - process_id 
-  - process_integrity_level 
-  - process_name 
-  - process_path 
-  - user 
-  - user_id
-  - vendor_product
+- action
+- dest
+- original_file_name
+- parent_process
+- parent_process_exec
+- parent_process_guid
+- parent_process_id
+- parent_process_name
+- parent_process_path
+- process
+- process_exec
+- process_guid
+- process_hash
+- process_id
+- process_integrity_level
+- process_name
+- process_path
+- user
+- user_id
+- vendor_product
 field_mappings:
 - data_model: cim
   data_set: Endpoint.Processes
diff --git a/requirements.txt b/requirements.txt
@@ -1 +1 @@
-contentctl==5.5.3
+contentctl==5.5.5
