Change log for GUARDICORE_CENTRA
Date
Changes
2024-12-04
Enhancement:
- Mapped "start" to "metadata.event_timestamp".
2024-11-05
Enhancement:
- Added support for new pattern of CEF logs.
2024-10-09
Enhancement:
- Added support to parse the unparsed logs.
- Changed mapping of "os_name", "enforcement", and "AssetType" from "additional.fields" to "security_result.detection_fields".
2024-08-30
Enhancement:
- Modified the Grok pattern to parse new log types.
- Mapped "source.vm.name" to "principal.hostname".
- Mapped "bucket_id", "policy_verdict", "network_profile", "source_process_hash", and "display_provider" to "security_result.detection_fields".
- Mapped "display_type" to "principal.platform".
Last updated 2025-03-13 UTC.