Change log for AZURE_VNET_FLOW

Date	Changes
2025-06-19	- Newly created parser for CBN- AZURE_VNET_FLOW. - event1.idm.read_only_udm.metadata.product_log_id: Newly mapped `record_flowLogGUID` raw log field with `event1.idm.read_only_udm.metadata.product_log_id` UDM field - event1.idm.read_only_udm.metadata.product_version: Newly mapped `record_flowLogVersion` raw log field with `event1.idm.read_only_udm.metadata.product_version` UDM field - event1.idm.read_only_udm.metadata.product_event_type: Newly mapped `record_operationName` raw log field with `event1.idm.read_only_udm.metadata.product_event_type` UDM field - event1.idm.read_only_udm.principal.ip: Newly mapped `src_ip` raw log field with `event1.idm.read_only_udm.principal.ip' UDM field - event1.idm.read_only_udm.principal.asset.ip: Newly mapped `src_ip` raw log field with `event1.idm.read_only_udm.principal.asset.ip' UDM field - event1.idm.read_only_udm.principal.mac: Newly mapped `record_macAddress` raw log field with `event1.idm.read_only_udm.principal.mac' UDM field - event1.idm.read_only_udm.principal.asset.mac: Newly mapped `record_macAddress` raw log field with `event1.idm.read_only_udm.principal.asset.mac' UDM field - event1.idm.read_only_udm.principal.port: Newly mapped `src_port` raw log field with `event1.idm.read_only_udm.principal.port' UDM field - event1.idm.read_only_udm.target.ip: Newly mapped `dst_ip` raw log field with `event1.idm.read_only_udm.target.ip' UDM field - event1.idm.read_only_udm.target.asset.ip: Newly mapped `dst_ip` raw log field with `event1.idm.read_only_udm.target.asset.ip' UDM field - event1.idm.read_only_udm.target.port: Newly mapped `dst_port` raw log field with `event1.idm.read_only_udm.target.port' UDM field - event1.idm.read_only_udm.target.application: Newly mapped `appname` raw log field with `event1.idm.read_only_udm.target.application' UDM field - event1.idm.read_only_udm.target.resource.product_object_id: Newly mapped `record_targetResourceID` raw log field with `event1.idm.read_only_udm.target.resource.product_object_id` UDM field - event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `virtualNetworks` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field - event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `SubscriptionId` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field - event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `resourceGroups` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field - event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `NETWORKWATCHERS` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field - event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `SubscriptionId` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field - event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `ResourceGroup` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field - event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `FLOWLOGS` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field - event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flow.aclID` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field - event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flowGroup.rule` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field - event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flowTuple` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field - event1.idm.read_only_udm.security_result.about.resource.name: Newly mapped `record_flowLogResourceID` raw log field with `event1.idm.read_only_udm.security_result.about.resource.name` UDM field - event1.idm.read_only_udm.security_result.rule_type: Newly mapped `record_category` raw log field with `event1.idm.read_only_udm.security_result.rule_type` UDM field

Date

Changes

2025-06-19

- Newly created parser for CBN- AZURE_VNET_FLOW.
- event1.idm.read_only_udm.metadata.product_log_id: Newly mapped `record_flowLogGUID` raw log field with `event1.idm.read_only_udm.metadata.product_log_id` UDM field
- event1.idm.read_only_udm.metadata.product_version: Newly mapped `record_flowLogVersion` raw log field with `event1.idm.read_only_udm.metadata.product_version` UDM field
- event1.idm.read_only_udm.metadata.product_event_type: Newly mapped `record_operationName` raw log field with `event1.idm.read_only_udm.metadata.product_event_type` UDM field
- event1.idm.read_only_udm.principal.ip: Newly mapped `src_ip` raw log field with `event1.idm.read_only_udm.principal.ip' UDM field
- event1.idm.read_only_udm.principal.asset.ip: Newly mapped `src_ip` raw log field with `event1.idm.read_only_udm.principal.asset.ip' UDM field
- event1.idm.read_only_udm.principal.mac: Newly mapped `record_macAddress` raw log field with `event1.idm.read_only_udm.principal.mac' UDM field
- event1.idm.read_only_udm.principal.asset.mac: Newly mapped `record_macAddress` raw log field with `event1.idm.read_only_udm.principal.asset.mac' UDM field
- event1.idm.read_only_udm.principal.port: Newly mapped `src_port` raw log field with `event1.idm.read_only_udm.principal.port' UDM field
- event1.idm.read_only_udm.target.ip: Newly mapped `dst_ip` raw log field with `event1.idm.read_only_udm.target.ip' UDM field
- event1.idm.read_only_udm.target.asset.ip: Newly mapped `dst_ip` raw log field with `event1.idm.read_only_udm.target.asset.ip' UDM field
- event1.idm.read_only_udm.target.port: Newly mapped `dst_port` raw log field with `event1.idm.read_only_udm.target.port' UDM field
- event1.idm.read_only_udm.target.application: Newly mapped `appname` raw log field with `event1.idm.read_only_udm.target.application' UDM field
- event1.idm.read_only_udm.target.resource.product_object_id: Newly mapped `record_targetResourceID` raw log field with `event1.idm.read_only_udm.target.resource.product_object_id` UDM field
- event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `virtualNetworks` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `SubscriptionId` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `resourceGroups` raw log field with `event1.idm.read_only_udm.target.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `NETWORKWATCHERS` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `SubscriptionId` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `ResourceGroup` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `FLOWLOGS` raw log field with `event1.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field
- event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flow.aclID` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field
- event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flowGroup.rule` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field
- event1.idm.read_only_udm.security_result.detection_fields: Newly mapped `flowTuple` raw log field with `event1.idm.read_only_udm.security_result.detection_fields` UDM field
- event1.idm.read_only_udm.security_result.about.resource.name: Newly mapped `record_flowLogResourceID` raw log field with `event1.idm.read_only_udm.security_result.about.resource.name` UDM field
- event1.idm.read_only_udm.security_result.rule_type: Newly mapped `record_category` raw log field with `event1.idm.read_only_udm.security_result.rule_type` UDM field