Change log for ALCATEL_SWITCH
Date
Changes
2024-03-11
Enhancement:
- Added new Grok patterns to parse new format of syslog logs.
- Mapped "severity" to "security_result.severity" and "security_result.detection_fields".
- If "id_protocol" is nearly equal to "ssh", then set "network.application_protocol" to "SSH".
- Added new Grok patterns to parse new format of "sec_summary".
The parser for ALCATEL_SWITCH was newly created on January 16, 2024.
Last updated 2025-08-29 UTC.