Stay organized with collections
Save and categorize content based on your preferences.
Change log for FORGEROCK_OPENIDM
Date
Changes
2025-02-13
Enhancement:
- Added a new Grok pattern to parse new format logs.
- Mapped "elapsed_time" and "X-Content-Type-Options" to "additional.fields".
- When "Host" has "ip", then mapped "Host" to "principal.ip".
2025-01-24
Enhancement:
- Added support for syslog format logs.
2024-11-28
Enhancement:
- Added support for a new array format of the logs.
2024-06-15
Enhancement:
- Mapped "trackingIds.0" to "metadata.product_log_id".
- Mapped "principalData.0" to "principal.user.userid".
- Mapped "context.userRolesProperty", "context.authenticationId", and "context.authenticationIdProperty" to "principal.user.attribute.roles".
- Mapped "context.component", "context.moduleId", and "context.queryId" to "principal.resource.attribute.labels".
- Mapped "context.roles", "_normalized.fieldNames", and "_eventId" to "additional.fields".
- Removed "gsubs" to handle array values of "principalData" and "trackingIds".
- When "status" is nearly equal to "success", then set "security_result.action" to "ALLOW".
- When "status" is nearly equal to "fail", then set "security_result.action" to "BLOCK".
- Initialized "security_result" to null.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThe parser for FORGEROCK_OPENIDM has been enhanced to support various log formats, including syslog and a new array format.\u003c/p\u003e\n"],["\u003cp\u003eNew mappings have been added to better organize log data, including mapping fields like "elapsed_time", "X-Content-Type-Options", "trackingIds.0", and others to relevant categories.\u003c/p\u003e\n"],["\u003cp\u003eThe parser now features logic to determine security actions, setting "security_result.action" to "ALLOW" for "success" status and "BLOCK" for "fail" status.\u003c/p\u003e\n"],["\u003cp\u003eA new Grok pattern has been introduced to interpret newly formatted logs, improving the parsing capabilities.\u003c/p\u003e\n"],["\u003cp\u003eThe parser has been created initially on the 2024-04-03.\u003c/p\u003e\n"]]],[],null,["# Change log for FORGEROCK_OPENIDM\n================================"]]