Change log for AWS_ELB
Date
Changes
2025-02-19
Enhancement:
- Added support for new format of syslog logs.
- Mapped "sec_status" to "security_result.action".
- Mapped "grp_identifiers" to "principal.user.group_identifiers".
- Mapped "http_version" to "network.application_protocol_version".
- Mapped "useragent" to "network.http.user_agent".
- Mapped "severity_level" to "security_result.severity".
- Mapped "pid" to "principal.process.pid".
- Mapped "port" to "principal.port".
- Mapped "desc" to "metadata.description".
- Mapped "int_host" to "intermediary.hostname".
- Mapped "int_port" to "intermediary.port".
- Mapped "tid" to "additional.fields".
- Added a Grok pattern to parse "sent_bytes".
2024-11-12
Enhancement:
- Added support to parse new format of syslog logs.
2024-03-22
Enhancement:
- Added new Grok pattern to support new pattern of JSON logs.
- Added support for CEF pattern logs.
- Mapped "dst_ip" to "target.ip".
- Mapped "dst_port" to "target.port".
- Mapped "sip" to "principal.ip".
- Mapped "request_processing_time", "target_processing_time", "siteid", "fileId", and "response_processing_time" to "security_result.detection.fields".
- Aligned mappings for "principal.ip" and "principal.asset.ip".
- Aligned mappings for "target.ip" and "target.asset.ip".
- Aligned mappings for "target.hostname" and "target.asset.hostname".
- Mapped "cipher" to "network.tls.cipher".
- Mapped "version" to "network.tls.version".
- Mapped "Customer" to "principal.user.user_display_name".
2022-05-27
Enhancement - Modified the value stored in metadata.product_name to 'AWS Elastic Load Balancer'.
Last updated 2025-08-29 UTC.