Stay organized with collections
Save and categorize content based on your preferences.
Change log for BEYONDTRUST_BEYONDINSIGHT
Date
Changes
2025-07-23
Enhancement:
- Added gsubs to ensure proper mapping of KV format logs.
- Modified a gsub to ensure proper mapping of `OS` and `Agent Version` raw log fields.
- event.idm.read_only_udm.additional.fields: Newly mapped `EventType` raw log field to `event.idm.read_only_udm.additional.fields` (with key `Event Type`).
- Added a grok pattern to check if `souirceip` is a valid IP address before mapping it to `event.idm.read_only_udm.principal.ip` UDM field.
2025-05-13
Enhancement:
- Added support to handle the '#' character in the UDM Fields.
- Added support for the parsing the metadata.event_type.
- Added support required null checks while doing the mapping.
2025-04-21
Enhancement:
- Added a grok pattern to support new format of SYSLOG logs.
- Added gsub to fix the kv parsing issue.
2025-02-06
Enhancement:
- Added support to map the unparsed fields.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThe change log for BEYONDTRUST_BEYONDINSIGHT documents updates to the system.\u003c/p\u003e\n"],["\u003cp\u003eSupport for mapping unparsed fields was added as an enhancement on February 6, 2025.\u003c/p\u003e\n"],["\u003cp\u003eA new parser was created on November 22, 2024.\u003c/p\u003e\n"]]],[],null,["Change log for BEYONDTRUST_BEYONDINSIGHT\n\n| Date | Changes |\n|------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| 2025-07-23 | Enhancement: - Added gsubs to ensure proper mapping of KV format logs. - Modified a gsub to ensure proper mapping of \\`OS\\` and \\`Agent Version\\` raw log fields. - event.idm.read_only_udm.additional.fields: Newly mapped \\`EventType\\` raw log field to \\`event.idm.read_only_udm.additional.fields\\` (with key \\`Event Type\\`). - Added a grok pattern to check if \\`souirceip\\` is a valid IP address before mapping it to \\`event.idm.read_only_udm.principal.ip\\` UDM field. |\n| 2025-05-13 | Enhancement: - Added support to handle the '#' character in the UDM Fields. - Added support for the parsing the metadata.event_type. - Added support required null checks while doing the mapping. |\n| 2025-04-21 | Enhancement: - Added a grok pattern to support new format of SYSLOG logs. - Added gsub to fix the kv parsing issue. |\n| 2025-02-06 | Enhancement: - Added support to map the unparsed fields. |\n| 2024-11-22 | - Newly created parser. |"]]
