Change log for ILLUMIO_CORE
Date
Changes
2024-11-14
Enhancement:
- When no principal machine data is available, mapped "metadata.event_type" to "GENERIC_EVENT".
- Mapped "uuid", "change_type", "href", "name", and "hostname" labels to "sec_res.detection_fields".
2024-04-18
Enhancement:
- Enhanced parser to additionally support SYSLOG+CEF log formats.
2024-02-21
Enhancement:
- Enhanced parser to additionally support SYSLOG and SYSLOG+JSON log formats.
The ILLUMIO_CORE parser was newly created in March of 2023 and has been regularly updated since then.

Last updated 2025-08-29 UTC.