Change log for IBM_WEBSEAL
| Date | Changes |
|---|---|
| 2025-03-03 | Enhancement:
- Mapped "src_host" to "principal.hostname" - Mapped "src_app" to "principal.application" - Mapped "network_method" to "network.http.method" - Mapped "dst_url" to "target.url" - Mapped "app_protocol" to "additional.fields" - Mapped "res_code" to "network.http.response_code" - Mapped "sent_bytes" to "network.sent_bytes" - Mapped "rec_bytes" to "network.received_bytes" - Mapped "app_proto" to "network.application_protocol" - Mapped "src_port" to "principal.port" - Mapped "dst_host" to "target.hostname" - Mapped "level" to "security_result.severity" - Mapped "error" to "target.resource.attribute.labels" - Mapped "description" to "security_result.description" - Mapped "operation" to "target.user.attribute.labels" - Mapped "username" to "target.user.userid" - Mapped "authSourceCode" to "additional.fields" - Mapped "accountValid" to "additional.fields" - Mapped "passwordValid" to "additional.fields" - Mapped "hashedPassword" to "additional.fields" - Mapped "registryDn" to "target.user.attribute.labels" - Mapped "secUserDn" to "target.resource.attribute.labels" - Mapped "passwordResetAllowed" to "additional.fields" - Mapped "nonExpiringPassword" to "additional.fields" - Mapped "customPasswordPolicy" to "additional.fields" - Mapped "authSource" to "additional.fields". |
| 2024-01-22 | Enhancement: Added Grok patterns to support new format of logs.
|
| 2023-11-17 | Newly created parser. |