Change log for F5_BIGIP_APM
Date | Changes |
---|---|
2025-07-17 | Enhancement
- Added new grok patterns for `tmm` application logs to parse additional log variations containing rule names, application protocols, and file paths. - Implemented conditional logic to map appprotocol to standard values (HTTP, HTTPS, SSH) in event.idm.read_only_udm.network.application_protocol. - `event.idm.read_only_udm.intermediary.hostname` and `event.idm.read_only_udm.intermediary.asset.hostname`: Newly mapped `principal_hostname` raw log field with `event.idm.read_only_udm.intermediary.hostname` and `event.idm.read_only_udm.intermediary.asset.hostname` UDM fields. - `event.idm.read_only_udm.security_result.rule_name`: Newly mapped `rulename` raw log field with `event.idm.read_only_udm.security_result.rule_name` UDM field. - `event.idm.read_only_udm.target.file.full_path`: Newly mapped `filepath` raw log field with `event.idm.read_only_udm.target.file.full_path` UDM field. - `event.idm.read_only_udm.network.application_protocol`: Newly mapped `appprotocol` raw log field with `event.idm.read_only_udm.network.application_protocol` UDM field. |
2024-09-11 | Enhancement
- Added support to parse unparsed logs. |
2023-06-06 | - Newly created parser.
|