Stay organized with collections
Save and categorize content based on your preferences.
Change log for FORTINET_DHCP
Date
Changes
2022-11-21
Enhancement:
- Mapped the field "srcip" to "principal.ip".
- Mapped the field "srcport" to "principal.port".
- Mapped the field "srccountry" to "principal.location.country_or_region".
- Mapped the field "interface" to "principal.hostname".
- Mapped the field "user_name" to "principal.user.user_display_name".
- Mapped the field "srcuuid" to "principal.user.product_object_id".
- Mapped the field "host_name" to "intermediary.hostname".
- Mapped the field "dstip" to "target.ip".
- Mapped the field "dstport" to "target.port".
- Mapped the field "dstcountry" to "target.location.country_or_region".
- Mapped the field "application" to "target.application".
- Mapped the field "dstuuid" to "target.user.product_object_id".
- Mapped the field "url" to "target.url".
- Mapped the field "profile" to "target.resource.name".
- Mapped the field "sessionid" to "network.session_id".
- Mapped the field "direction" to "network.direction".
- Mapped the field "proto" to "network.ip_protocol".
- Mapped the field "duration" to "network.session_duration.seconds".
- Mapped the field "sentbyte" to "network.sent_bytes".
- Mapped the field "rcvdbyte" to "network.received_bytes".
- Mapped the field "level" to "security_result.severity_details".
- Mapped the field "policyid" to "security_result.rule_id".
- Mapped the field "policyname" to "security_result.rule_name".
- Mapped the field "policytype" to "security_result.rule_type".
- Mapped the field "catdesc" to "security_result.category_details".
- Mapped the field "crlevel" to "security_result.severity".
- Mapped the field "crscore" to "security_result.severity_details".
- Mapped the field "srcintf", "srcintfrole", "dstintf", "dstintfrole" and "craction" to "security_result.detection_fields".
- Mapped the field "sentpkt", "rcvdpkt" and "appcat" to "additional.fields".
- Mapped the field "action" to "security_result.action" and "security_result.action_details".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis changelog for FORTINET_DHCP details the field mappings updated on 2022-11-21.\u003c/p\u003e\n"],["\u003cp\u003eThe updates include mapping source-related fields like "srcip," "srcport," and "srccountry" to their corresponding "principal" categories.\u003c/p\u003e\n"],["\u003cp\u003eDestination-related fields such as "dstip," "dstport," and "dstcountry" were mapped to the "target" category.\u003c/p\u003e\n"],["\u003cp\u003eNetwork related fields like protocol and session id were mapped to "network" categories, and sent/received data were also included.\u003c/p\u003e\n"],["\u003cp\u003eSecurity related fields like policy, severity, action, and categories were mapped to the "security_result" category, while others like packet counts and application categories were mapped to "additional.fields".\u003c/p\u003e\n"]]],[],null,["Change log for FORTINET_DHCP\n\n| Date | Changes |\n|------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| 2022-11-21 | Enhancement: - Mapped the field \"srcip\" to \"principal.ip\". - Mapped the field \"srcport\" to \"principal.port\". - Mapped the field \"srccountry\" to \"principal.location.country_or_region\". - Mapped the field \"interface\" to \"principal.hostname\". - Mapped the field \"user_name\" to \"principal.user.user_display_name\". - Mapped the field \"srcuuid\" to \"principal.user.product_object_id\". - Mapped the field \"host_name\" to \"intermediary.hostname\". - Mapped the field \"dstip\" to \"target.ip\". - Mapped the field \"dstport\" to \"target.port\". - Mapped the field \"dstcountry\" to \"target.location.country_or_region\". - Mapped the field \"application\" to \"target.application\". - Mapped the field \"dstuuid\" to \"target.user.product_object_id\". - Mapped the field \"url\" to \"target.url\". - Mapped the field \"profile\" to \"target.resource.name\". - Mapped the field \"sessionid\" to \"network.session_id\". - Mapped the field \"direction\" to \"network.direction\". - Mapped the field \"proto\" to \"network.ip_protocol\". - Mapped the field \"duration\" to \"network.session_duration.seconds\". - Mapped the field \"sentbyte\" to \"network.sent_bytes\". - Mapped the field \"rcvdbyte\" to \"network.received_bytes\". - Mapped the field \"level\" to \"security_result.severity_details\". - Mapped the field \"policyid\" to \"security_result.rule_id\". - Mapped the field \"policyname\" to \"security_result.rule_name\". - Mapped the field \"policytype\" to \"security_result.rule_type\". - Mapped the field \"catdesc\" to \"security_result.category_details\". - Mapped the field \"crlevel\" to \"security_result.severity\". - Mapped the field \"crscore\" to \"security_result.severity_details\". - Mapped the field \"srcintf\", \"srcintfrole\", \"dstintf\", \"dstintfrole\" and \"craction\" to \"security_result.detection_fields\". - Mapped the field \"sentpkt\", \"rcvdpkt\" and \"appcat\" to \"additional.fields\". - Mapped the field \"action\" to \"security_result.action\" and \"security_result.action_details\". |"]]
