Console

Change log for MCAFEE_IPS

Date	Changes
2025-07.02	- Added Grok patterns to parse the unparsed logs. - Added split operation and for loop to convert Ip's into an array of principal_ip. - 'event.idm.read_only_udm.principal.asset.ip' and 'event.idm.read_only_udm.principal.ip': Newly mapped 'principal_ip' raw log field with 'event.idm.read_only_udm.principal.ip' and 'event.idm.read_only_udm.principal.asset.ip' UDM fields. - Added has_principal and has_target to identify the event type. - Added on_error and if conditional statements wherever required.

Date

Changes

2025-07.02

- Added Grok patterns to parse the unparsed logs.
- Added split operation and for loop to convert Ip's into an array of principal_ip.
- 'event.idm.read_only_udm.principal.asset.ip' and 'event.idm.read_only_udm.principal.ip': Newly mapped 'principal_ip' raw log field with 'event.idm.read_only_udm.principal.ip' and 'event.idm.read_only_udm.principal.asset.ip' UDM fields.
- Added has_principal and has_target to identify the event type.
- Added on_error and if conditional statements wherever required.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-18 UTC.