Stay organized with collections
Save and categorize content based on your preferences.
Change log for KEMP_LOADBALANCER
Date
Changes
2025-04-02
Enhancement:
- Added Grok patterns to parse the unparsed logs.
- event.idm.read_only_udm.additional.fields: Newly mapped `meta_sequenceId` raw log field with `event.idm.read_only_udm.additional.fields` UDM field
- Added a gsub to replace '\\r\\n' with ' ' on "message" to parse the logs.
- Added a condition check to map event_type to "USER_UNCATEGORIZED" if des_ip is not equal to null, else mapped "event_type" to "GENERIC_EVENT"
- Added a condition check before mapping "sshd" to "target.application".
- Added a condition check before mapping "pid" to "target.process.pid".
2025-01-13
Enhancement:
- Added support for a new pattern of syslog logs.
- Mapped "event_type" to "USER_UNCATEGORIZED" and "STATUS_UPDATE".
2023-05-31
Enhancement: Parsed logs with events as "Connected", "Slave accept", "Block access to host".
- Mapped "srcip" to "principal.ip".
- Mapped "dstip" to "target.ip".
- Mapped "vs" to "target.ip".
- Mapped "srcport" to "principal.port".
- Mapped "dstport" to "target.port".
- Mapped "resource" to "target.url".
- Mapped "event" to "metadata.product_event_type".
- Parsed failing syslog logs.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-04-29 UTC."],[[["KEMP\\_LOADBALANCER has been updated to support a new syslog log pattern."],["New mappings have been added for various fields, including `event_type`, `srcip`, `dstip`, `vs`, `srcport`, `dstport`, `resource`, and `event`."],["The log parsing now includes events labeled as \"Connected\", \"Slave accept\", and \"Block access to host\"."],["Improvements have been made to handle failing syslog logs within the system."]]],[]]
