Change log for GCP_VPC_FLOW
| Date | Changes |
|---|---|
| 2024-10-24 | Enhancement -
- Interchanged mapping of "principal.ip", "principal.port" with "target.ip" and "target.port" respectively. |
| 2024-03-15 | Enhancement -
- Mapped "jsonPayload.src_gke_details.pod.pod_namespace", "jsonPayload.src_gke_details.pod.pod_name", "jsonPayload.src_gke_details.cluster.cluster_name", "jsonPayload.src_gke_details.cluster.cluster_location" to "principal.resource.attribute.labels". - Mapped "jsonPayload.dest_gke_details.pod.pod_namespace", "jsonPayload.dest_gke_details.pod.pod_name", "jsonPayload.dest_gke_details.cluster.cluster_name", "jsonPayload.dest_gke_details.cluster.cluster_location" to "target.resource.attribute.labels". |
| 2023-05-23 | Enhancement -
- Mapped 'metadata.event_type' to 'USER_RESOURCE_ACCESS' when field 'logName' does not contain 'vpc_flows'. - Mapped 'timestamp' to 'events.timestamp'. - Mapped 'textPayload', 'labels.tunnel_id' to 'additional.fields'. - Mapped 'resource.labels.region' to 'target.location.country_or_region'. - Added null checks for various fields wherever required. |
| 2023-04-10 | Enhancement -
- Set "target.resource.attribute.cloud.environment" to "GOOGLE_CLOUD_PLATFORM". - Set "target.resource.name" to the full resource name value. |
| 2022-07-22 | Enhancement:
- Mapped "resource.labels.location" to "principal.location.name". - Mapped "resource.labels.subnetwork_id" to "target.user.attribute.labels". - Mapped "logName" to "security_result.category_details". |