Stay organized with collections
Save and categorize content based on your preferences.
Change log for CLOUDGENIX_SDWAN
Date
Changes
2022-09-08
Enhancement-
- Added conditional check for "PROTOCOL_NAME".
- Added conditional check for "MSG" if it is similar "failure,fail,invalid user,closed,closing" set event_type to "STATUS_SHUTDOWN".
- Set event_type to "NETWORK_FLOW" when "principal.ip" and "target.ip" not null.
- Set event_type to "STATUS_STARTUP" when "MSG" similar to "initiating,establishing,establishing,check pass".
- Set event_type to "STATUS_UNCATEGORIZED" when "MSG" similar to "no such user".
- Added grok pattern for "MSG" to retrieve "dest_ip" and Mapped it to "target.ip".
- Added grok pattern for the new logs to retrieve "ION_HOST".
- Mapped "ION_HOST" to "principal.hostname".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-13 UTC."],[[["This changelog details updates for CLOUDGENIX_SDWAN as of September 8, 2022."],["Conditional checks were implemented for \"PROTOCOL_NAME\" and specific \"MSG\" content to refine event type categorization."],["Event types are now dynamically set based on the content of \"MSG,\" including \"STATUS_SHUTDOWN,\" \"NETWORK_FLOW,\" \"STATUS_STARTUP,\" and \"STATUS_UNCATEGORIZED\"."],["New grok patterns were introduced to extract \"dest_ip\" and map it to \"target.ip,\" as well as to retrieve \"ION_HOST\" and map it to \"principal.hostname\"."]]],[]]
