Stay organized with collections
Save and categorize content based on your preferences.
Change log for JUNIPER_JUNOS
Date
Changes
2024-06-18
Enhancement-
- Added support to handle unparsed SYSLOG logs.
2024-06-07
Enhancement-
- Added Grok patterns to parse the new pattern of SYSLOG logs.
- When "protocol-name" has a valid IP protocol, then mapped "protocol-name" to "network.ip_protocol".
2024-05-02
Enhancement-
- Added Grok patterns to support new SYSLOG + KV format logs.
2023-10-25
Enhancement-
- Added Grok patterns to parse unparsed logs.
- Mapped "source_port" to "principal.port".
- Mapped "source_address" to "principal.ip".
- Mapped "user_name" to "target.user.userid".
- Mapped "application_name" to "target.application".
- Mapped "p_id" to "target.process.pid".
- Added "invalid_pattern" check before KV mapping.
- Added a Grok pattern to map "security_result.description" when "description_present" is false.
2023-08-17
Enhancement-
- Added Grok pattern to parsed unparsed logs.
- Mapped "msg" to "security_result.summary".
- Mapped "src_ip" to "principal.ip".
- Mapped "user" to "target.user.userid".
- Mapped "username" to "principal.user.userid".
- Mapped "command" to "target.process.command_line".
- Mapped "src_port" to "principal.port".
- Mapped "ssh2" to "security_result.detection_fields".
- Mapped "sha256" to "principal.process.file.sha256".
- Mapped "desc" to "sec_result.summary".
- Mapped "mac-address" to "principal.mac".
- Mapped "host" to "principal.hostname" if event_type is "STATUS_UPDATE".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[],[],null,["Change log for JUNIPER_JUNOS\n\n| Date | Changes |\n|------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| 2024-06-18 | Enhancement- - Added support to handle unparsed SYSLOG logs. |\n| 2024-06-07 | Enhancement- - Added Grok patterns to parse the new pattern of SYSLOG logs. - When \"protocol-name\" has a valid IP protocol, then mapped \"protocol-name\" to \"network.ip_protocol\". |\n| 2024-05-02 | Enhancement- - Added Grok patterns to support new SYSLOG + KV format logs. |\n| 2023-10-25 | Enhancement- - Added Grok patterns to parse unparsed logs. - Mapped \"source_port\" to \"principal.port\". - Mapped \"source_address\" to \"principal.ip\". - Mapped \"user_name\" to \"target.user.userid\". - Mapped \"application_name\" to \"target.application\". - Mapped \"p_id\" to \"target.process.pid\". - Added \"invalid_pattern\" check before KV mapping. - Added a Grok pattern to map \"security_result.description\" when \"description_present\" is false. |\n| 2023-08-17 | Enhancement- - Added Grok pattern to parsed unparsed logs. - Mapped \"msg\" to \"security_result.summary\". - Mapped \"src_ip\" to \"principal.ip\". - Mapped \"user\" to \"target.user.userid\". - Mapped \"username\" to \"principal.user.userid\". - Mapped \"command\" to \"target.process.command_line\". - Mapped \"src_port\" to \"principal.port\". - Mapped \"ssh2\" to \"security_result.detection_fields\". - Mapped \"sha256\" to \"principal.process.file.sha256\". - Mapped \"desc\" to \"sec_result.summary\". - Mapped \"mac-address\" to \"principal.mac\". - Mapped \"host\" to \"principal.hostname\" if event_type is \"STATUS_UPDATE\". |\n| 2023-01-15 | Enhancement- - Modified Grok pattern to support unparsed logs containing type \"UI_CMDLINE_READ_LINE\", \"UI_COMMIT_PROGRESS\", \"UI_CHILD_START\", \"UI_CFG_AUDIT_OTHER\", \"UI_LOGIN_EVENT\", \"UI_CHILD_STATUS\", \"UI_LOGOUT_EVENT\", \"UI_LOAD_EVENT\", \"JTASK_IO_CONNECT_FAILED\", \"UI_AUTH_EVENT\", \"UI_NETCONF_CMD\", \"UI_COMMIT_NO_MASTER_PASSWORD\", \"UI_CFG_AUDIT_SET\", \"UI_JUNOSCRIPT_CMD\", \"SNMPD_AUTH_FAILURE\", \"UI_CFG_AUDIT_NEW\", \"UI_COMMIT\" , \"LIBJNX_LOGIN_ACCOUNT_LOCKED\", \"UI_COMMIT_COMPLETED\", \"PAM_USER_LOCK_LOGIN_REQUESTS_DENIED\", \"RTPERF_CPU_USAGE_OK\", \"RTPERF_CPU_THRESHOLD_EXCEEDED\", \"LIBJNX_LOGIN_ACCOUNT_UNLOCKED\", \"JSRPD_SET_OTHER_INTF_MON_FAIL\", \"JSRPD_SET_SCHED_MON_FAILURE\", \"UI_CHILD_WAITPID\", \"UI_DBASE_LOGIN_EVENT\". |\n| 2022-05-02 | New default parser. |"]]