Change log for ABSOLUTE

Date	Changes
2024-12-03	Enhancement: - Added a KV block to map "objectProperties". - Mapped "objectProperties" to "target.resource.attribute.labels".
2023-07-07	Enhancement: - Modified Grok pattern to support new log formats. - Mapped "actorType" to "principal.user.attribute.roles.name". - Mapped "actorID" to "principal.user.product_object_id". - Mapped "objectType" to "principal.resource.resource_type" when "objectType" is "Device". - Mapped "objectName" to "principal.hostname". - Mapped "objectID" to "principal.resource.product_object_id". - Mapped "dvc_ip" to "intermediary.ip". - Mapped "hostname" to "intermediary.hostname". - Mapped "pid" to "about.process.pid". - Mapped "event_class" to "metadata.product_event_type". - Mapped "device_version" to "metadata.product_version". - Mapped "eventType" to "metadata.product_event_type". - Mapped "verb" to "security_result.summary".

Date

Changes

2024-12-03

Enhancement:
- Added a KV block to map "objectProperties".
- Mapped "objectProperties" to "target.resource.attribute.labels".

2023-07-07

Enhancement:
- Modified Grok pattern to support new log formats.
- Mapped "actorType" to "principal.user.attribute.roles.name".
- Mapped "actorID" to "principal.user.product_object_id".
- Mapped "objectType" to "principal.resource.resource_type" when "objectType" is "Device".
- Mapped "objectName" to "principal.hostname".
- Mapped "objectID" to "principal.resource.product_object_id".
- Mapped "dvc_ip" to "intermediary.ip".
- Mapped "hostname" to "intermediary.hostname".
- Mapped "pid" to "about.process.pid".
- Mapped "event_class" to "metadata.product_event_type".
- Mapped "device_version" to "metadata.product_version".
- Mapped "eventType" to "metadata.product_event_type".
- Mapped "verb" to "security_result.summary".