New Category Fields: first_seen, last_seen, last_updated #8
Description
Is your feature request related to a problem? Please describe.
n/a
Describe the solution you'd like
Add new category fields for first_seen, last_seen, and last_updated.
Describe alternatives you've considered
n/a
Additional context
Fields to be added:
| Field | Crowdstrike field | Description | Example value |
|---|---|---|---|
| first_seen | falcon_device.first_seen | First observed in Crowdstrike | 2020-10-01T15:46:12Z |
| last_seen | falcon_device.last_seen | Last observed in Crowdstrike | 2022-08-24T19:25:23Z |
| last_updated | n/a | Last time updated in Splunk | 2022-08-24T19:25:23Z |