Compatibility with previous versions of the probe

When migrating from the Probe for Windows NT Event Log (nco_p_mhntlog) to the Probe for Windows Event Log (nco_p_wineventlog.bat) you will need to map the old element names with the new element names when making updates to any rules files or filter files that you may have previously configured.

The following table outlines the old element name and the corresponding the new element name:

Table 1. Element name mapping
Old Element Name	New Element Name
$`EventCategory`	$`TaskCategory`
$`EventDescription`	$`EventDescription`
$`EventID`	$`EventID`
$`EventType`	$`Level`
$`HostName`	$`Computer`
$`IPAddress`	Not Applicable
$`LogFile`	$`LogName`
$`LogSource`	$`Source`
$`Machine`	$`Computer`
$`RecordNumber`	$`RecordID`
$`TimeGenerated`	$`DateTime` - Includes both date and time information.
$`UserName`	$`User`