Stay organized with collections
Save and categorize content based on your preferences.
Change log for ARUBA_EDGECONNECT_SDWAN
Date
Changes
2024-06-10
Enhancement:
- Added a Grok pattern to parse the new pattern of SYSLOG format logs.
- Mapped "summary" to "security_result.summary".
- Mapped "userid" to "principal.user.userid".
- Mapped "hostname" to "target.hostname" and "target.asset.hostname".
- Mapped "command" to "principal.process.command_line".
- Mapped "principal_ip" to "principal.asset.ip" and "principal.asset.ip".
- When "userid", "hostname" are present, and "description" is nearly equal to "login", then set "metadata.event_type" to "USER_LOGIN".
- When "principal_present" is true, then set "metadata.event_type" to "STATUS_UPDATE".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis document outlines the change log for ARUBA_EDGECONNECT_SDWAN, detailing updates and enhancements.\u003c/p\u003e\n"],["\u003cp\u003eOn June 10, 2024, a new Grok pattern was added to parse SYSLOG format logs, alongside several field mappings such as "summary" to "security_result.summary" and "userid" to "principal.user.userid".\u003c/p\u003e\n"],["\u003cp\u003eThe June 2024 update includes setting "metadata.event_type" to "USER_LOGIN" when specific conditions related to user login are met, and to "STATUS_UPDATE" when "principal_present" is true.\u003c/p\u003e\n"],["\u003cp\u003eThe parser for this system was newly created as of May 3, 2023.\u003c/p\u003e\n"]]],[],null,["# Change log for ARUBA_EDGECONNECT_SDWAN\n======================================"]]
