Change log for FORCEPOINT_EMAILSECURITY
Date | Changes |
---|---|
2025-04-04 | Enhancement:
- `SYSLOG`: Added support for `SYSLOG` format.
- `event.idm.read_only_udm.metadata.product_version`: Newly mapped "version" raw log field with "event.idm.read_only_udm.metadata.product_version" UDM field.
- `event.idm.read_only_udm.principal.hostname`: Newly mapped "dvchost" raw log field with "event.idm.read_only_udm.principal.hostname" and "event.idm.read_only_udm.principal.asset.hostname" UDM fields.
- `event.idm.read_only_udm.metadata.product_log_id`: Newly mapped "externalId" raw log field with "event.idm.read_only_udm.metadata.product_log_id" UDM field.
- `event.idm.read_only_udm.principal.resource.attribute.labels`: Newly mapped "messageId" raw log field with "event.idm.read_only_udm.principal.resource.attribute.labels" UDM field.
- `event.idm.read_only_udm.target.user.email_addresses`: Newly mapped "duser" raw log field with "event.idm.read_only_udm.target.user.email_addresses" UDM field.
- `event.idm.read_only_udm.principal.user.userid`: Newly mapped "suser" raw log field with "event.idm.read_only_udm.principal.user.userid" UDM field.
- `event.idm.read_only_udm.principal.ip`: Newly mapped "src" raw log field with "event.idm.read_only_udm.principal.ip" and "event.idm.read_only_udm.principal.asset.ip" UDM fields.
- `event.idm.read_only_udm.target.ip`: Newly mapped "dst" raw log field with "event.idm.read_only_udm.target.ip" and "event.idm.read_only_udm.target.asset.ip" UDM fields.
- `event.idm.read_only_udm.network.tls.cipher`: Newly mapped "encryptedDelivery" raw log field with "event.idm.read_only_udm.network.tls.cipher" UDM field.
- `event.idm.read_only_udm.network.http.response_code`: Newly mapped "deliveryCode" raw log field with "event.idm.read_only_udm.network.http.response_code" UDM field.
- `event.idm.read_only_udm.additional.fields`: Newly mapped "deliveryCodeInfo" raw log field with "event.idm.read_only_udm.additional.fields" UDM field.
- `event.idm.read_only_udm.network.email.mail_id`: Newly mapped "message_id" raw log field with "event.idm.read_only_udm.network.email.mail_id" UDM field.
- `event.idm.read_only_udm.principal.resource.attribute.labels`: Newly mapped "internal_id" raw log field with "event.idm.read_only_udm.principal.resource.attribute.labels" UDM field.
- `event.idm.read_only_udm.target.hostname`: Newly mapped "hostname" raw log field with "event.idm.read_only_udm.target.hostname" and "event.idm.read_only_udm.target.asset.hostname" UDM fields.
- `event.idm.read_only_udm.network.sent_bytes`: Newly mapped "message_size" raw log field with "event.idm.read_only_udm.network.sent_bytes" UDM field.
- `event.idm.read_only_udm.network.application_protocol`: Newly mapped "app" raw log field with "event.idm.read_only_udm.network.application_protocol" UDM field.
- `event.idm.read_only_udm.security_result.description`: Newly mapped "act" raw log field with "event.idm.read_only_udm.security_result.description" UDM field.
- `event.idm.read_only_udm.network.email.from`: Newly mapped "from" raw log field with "event.idm.read_only_udm.network.email.from" UDM field.
- `event.idm.read_only_udm.network.email.to`: Newly mapped "to" raw log field with "event.idm.read_only_udm.network.email.to" UDM field.
- `event.idm.read_only_udm.metadata.description`: Newly mapped "msg" raw log field with "event.idm.read_only_udm.metadata.description" UDM field.
- `event.idm.read_only_udm.network.email.cc`: Newly mapped "cc" raw log field with "event.idm.read_only_udm.network.email.cc" UDM field.
- `event.idm.read_only_udm.network.email.subject`: Newly mapped "x_mailer" raw log field with "event.idm.read_only_udm.network.email.subject" UDM field.
- `event.idm.read_only_udm.principal.resource.attribute.labels`: Newly mapped "spfResult" raw log field with "event.idm.read_only_udm.principal.resource.attribute.labels" UDM field.
- `event.idm.read_only_udm.principal.resource.attribute.labels`: Newly mapped "event" raw log field with "event.idm.read_only_udm.principal.resource.attribute.labels" UDM field. |
2024-08-22 | Enhancement:
- Added support for a new JSON log format. |
2024-05-30 | - Newly created parser. |