Stay organized with collections
Save and categorize content based on your preferences.
Change log for BLUECAT_DDI
Date
Changes
2022-11-08
- Added grok for newly ingested logs for log_type - "agetty", "syslog-ng", "systemd".
- Added grok pattern for log_type - "named", "systemd", "CRON", "agetty", "syslog-ng" and it's respective mappings for the fields in the log_type mentioned above.
2022-09-01
- Modified "event_type" from "GENERIC_EVENT" to "USER_UNCATEGORIZED" to reduce generic percentage.
2022-08-16
- Added udm mapping
"metadata.vendor_name" to "Bluecat Networks"
"metadata.product_name" to "Bluecat DDI"
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-06 UTC."],[[["New grok patterns and mappings were added for various log types, including \"agetty,\" \"syslog-ng,\" \"systemd,\" \"named,\" and \"CRON,\" to better process newly ingested logs."],["The \"event_type\" was changed from \"GENERIC_EVENT\" to \"USER_UNCATEGORIZED\" to reduce the generic event percentage."],["UDM mappings were updated to include \"Bluecat Networks\" as the vendor name and \"Bluecat DDI\" as the product name."],["Checks for the query\\_type field have been implemented."]]],[]]
