Stay organized with collections
Save and categorize content based on your preferences.
Change log for ARUBA_SWITCH
Date
Changes
2024-11-14
Enhancement:
- Mapped "severity" to "security_result.severity".
2024-10-29
Enhancement:
- Modified grok pattern to parse "severity" and "amm" fields.
2024-10-16
Enhancement:
- Added support for new format of SYSLOG logs.
- Changed mapping of "userid" from "principal.user.userid" to "target.user.userid".
- Based on the log description, set "metadata.event_type" as "USER_LOGIN" or "USER_LOGOUT" or "NETWORK_CONNECTION".
- Based on the log description, set "security_result.action" as "ALLOW" or "BLOCK".
2024-09-17
Enhancement:
- Added support for a new pattern of SYSLOG logs.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-13 UTC."],[[["This change log details updates and enhancements made to the ARUBA_SWITCH parser over time."],["The parser has been enhanced to support new SYSLOG log formats and patterns as of 2024-09-17 and 2024-10-16."],["Modifications were made to field mappings, including \"severity,\" \"amm,\" and \"userid,\" improving data parsing accuracy."],["The parser now dynamically sets \"metadata.event_type\" and \"security_result.action\" based on the log description."],["The parser was initially created on 2024-04-18, serving as a foundation for subsequent changes and enhancements."]]],[]]
