Change log for BLUECAT_DDI
Date
Changes
2022-11-08
- Added grok for newly ingested logs for log_type - "agetty", "syslog-ng", "systemd".
- Added grok patterns for log_type - "named", "systemd", "CRON", "agetty", "syslog-ng" and their respective mappings for the fields in the log_type mentioned above.
2022-09-01
- Modified "event_type" from "GENERIC_EVENT" to "USER_UNCATEGORIZED" to reduce generic percentage.
2022-08-16
- Added UDM mapping:
  - "metadata.vendor_name" to "Bluecat Networks"
  - "metadata.product_name" to "Bluecat DDI"
Last updated 2025-08-29 UTC.