Stay organized with collections
Save and categorize content based on your preferences.
Change log for AZURE_KEYVAULT_AUDIT
Date
Changes
2025-07-08
Enhancement:
- event.idm.read_only_udm.additional.fields: Newly mapped `loggingSourceName` raw log field with `event.idm.read_only_udm.additional.fields` UDM field.
- Added support to `has_principal` which is causing the issue to parser error.
2025-01-30
Enhancement:
- Added support for the new pattern of JSON logs.
2024-11-18
Enhancement:
- Added support for new pattern of JSON logs.
2024-10-29
Enhancement:
- Mapped "properties.isAddressAuthorized", "properties.isAccessPolicyMatch", and "properties.isRbacAuthorized" to "target.resource.attribute.labels".
- Mapped "properties.subnetId", and "properties.privateEndpointId" to "additional.fields".
2024-09-25
- Modified condition for "USER_UNCATEGORIZED" event_type.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThe AZURE_KEYVAULT_AUDIT parser has been recently developed, with its initial creation dated February 27, 2024.\u003c/p\u003e\n"],["\u003cp\u003eThe parser's functionality has been enhanced multiple times in 2024, including the addition of support for new JSON log patterns.\u003c/p\u003e\n"],["\u003cp\u003eSpecific mappings have been implemented for fields like "properties.isAddressAuthorized", "properties.subnetId", and others, redirecting them to either "target.resource.attribute.labels" or "additional.fields".\u003c/p\u003e\n"],["\u003cp\u003eThe most recent enhancement, on January 30, 2025, added further support for JSON log patterns.\u003c/p\u003e\n"],["\u003cp\u003eThe condition for the "USER_UNCATEGORIZED" event_type was modified on September 25, 2024.\u003c/p\u003e\n"]]],[],null,["# Change log for AZURE_KEYVAULT_AUDIT\n==================================="]]
