Change log for APACHE
Date | Changes |
---|---|
2024-09-10 | Enhancement: - Added support to parse unparsed logs. |
2024-08-05 | Enhancement: - Added a Grok pattern to parse the "jsonPayload.message" field into "additional.fields". - Mapped "ip_msg" to "principal.ip" and "principal.asset.ip". - Mapped "msg_method" to "network.http.method". - Mapped "response_code" to "network.http.response_code". - Mapped "useragentvalue" to "network.http.user_agent". |
2024-06-11 | Enhancement: - Added a Grok pattern to parse the new pattern of SYSLOG format logs. |
2024-01-25 | Enhancement: - Added a new Grok pattern to parse syslog logs that contain the "+" symbol. |
2023-12-21 | Enhancement: - Handled unparsed JSON logs. - Mapped "src_port" to "principal.port". - Mapped "x_forwarded_for" to "principal.ip". - Mapped "keep_alive", "duration_microseconds", "cookie", "http_content_type" to "additional.fields". - Mapped "user" to "principal.user.userid". - Mapped "http_host" to "principal.hostname". - Mapped "file_full_path" to "target.file.full_path". - Mapped "ssl_version" to "network.tls.version_protocol". - Mapped "ssl_cipher" to "network.tls.cipher". - Mapped "uri_path" to "target.process.file.full_path". - Mapped "http_referrer" to "network.http.referral_url". - Mapped "http_user_agent" to "network.http.user_agent". - Mapped "http_method" to "network.http.method". - Mapped "protocol" to "network.application_protocol". - Mapped "dest_port" to "target.port". - Mapped "dest_name" to "target.hostname". - Mapped "bytes_out" to "network.sent.bytes". |
2023-07-31 | Enhancement: - Modified the Grok pattern to handle a hyphen ("-") when bytes are not available. |
2023-06-05 | Enhancement: - Mapped "Content" to "target.url", "network.http.method" and "network.tls.version_protocol". - Mapped "LastStatus" to "network.http.response_code". - Mapped "SizeBytes" to "network.received_bytes". - Mapped "Workername" to "principal.hostname". - Mapped "Port" to "target.port". - Mapped "ID" to "metadata.id". - Mapped "XForwardedForIP" and "RemoteHost" to "principal.ip". - Mapped "Remoteuser" to "principal.user.userid". - Modified Grok pattern to support incorrect log parsing. |
2023-02-20 | Enhancement: - Modified Grok pattern to support incorrect log parsing. - Converted "user_agent" to "network.http.parsed_user_agent". |
2022-09-21 | Enhancement: - Migrated to default parser. |
2022-09-07 | Enhancement: - Added Grok patterns to parse logs in JSON + syslog format. - Mapped the fields 'host.name' and 'hostname' to 'target.hostname'. - Mapped the field 'log.file.path' to 'principal.process.file.full_path'. - Mapped the field 'mac' to 'principal.mac'. - Mapped the field 'ip' to 'principal.asset.ip'. - Mapped the field 'os.version' to 'principal.platform_version'. - Mapped the field 'os.kernel' to 'principal.platform_patch_level'. - Mapped the field 'os.platform' to 'principal.platform'. - Mapped the field 'architecture' to 'principal.asset.hardware'. - Mapped the field 'id' to 'principal.asset.asset_id'. |
2022-05-12 | Enhancement: - Added Grok patterns for unique unparsed logs. - Added conditional checks for 'network.http.user_agent' and 'network.http.referral_url'. - Added support for Apache Traffic Server (ATS) proxy logs. |