Stay organized with collections
Save and categorize content based on your preferences.
Change log for CLOUDGENIX_SDWAN
Date
Changes
2022-09-08
Enhancement-
- Added conditional check for "PROTOCOL_NAME".
- Added conditional check for "MSG" if it is similar "failure,fail,invalid user,closed,closing" set event_type to "STATUS_SHUTDOWN".
- Set event_type to "NETWORK_FLOW" when "principal.ip" and "target.ip" not null.
- Set event_type to "STATUS_STARTUP" when "MSG" similar to "initiating,establishing,establishing,check pass".
- Set event_type to "STATUS_UNCATEGORIZED" when "MSG" similar to "no such user".
- Added grok pattern for "MSG" to retrieve "dest_ip" and Mapped it to "target.ip".
- Added grok pattern for the new logs to retrieve "ION_HOST".
- Mapped "ION_HOST" to "principal.hostname".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis changelog details updates for CLOUDGENIX_SDWAN as of September 8, 2022.\u003c/p\u003e\n"],["\u003cp\u003eConditional checks were implemented for "PROTOCOL_NAME" and specific "MSG" content to refine event type categorization.\u003c/p\u003e\n"],["\u003cp\u003eEvent types are now dynamically set based on the content of "MSG," including "STATUS_SHUTDOWN," "NETWORK_FLOW," "STATUS_STARTUP," and "STATUS_UNCATEGORIZED".\u003c/p\u003e\n"],["\u003cp\u003eNew grok patterns were introduced to extract "dest_ip" and map it to "target.ip," as well as to retrieve "ION_HOST" and map it to "principal.hostname".\u003c/p\u003e\n"]]],[],null,["# Change log for CLOUDGENIX_SDWAN\n==============================="]]
