Stay organized with collections
Save and categorize content based on your preferences.
Change log for MIKROTIK_ROUTER
Date
Changes
2025-02-25
Enhancement:
- Added "gsub" to parse valid "client_mac" to "principal.mac".
2025-02-07
Enhancement:
- Changed "WORD" to "DATA" in the Grok pattern.
2025-01-21
Enhancement:
- Mapped "metadata.event_type" to "NETWORK_DHCP" for DHCP logs.
- Mapped "client_mac" to "principal.mac".
- When "details" has "assigned", then mapped "network.dhcp.type" to "ACK".
- When "details" has "deassigned", then mapped "network.dhcp.type" to "RELEASE".
- When "details" has "request", then mapped "network.dhcp.type" to "REQUEST".
- When "details" has "offer", then mapped "network.dhcp.type" to "OFFER".
2025-01-20
Enhancement:
- Modified the Grok pattern to parse "intermediary.hostname" data.
2024-12-18
Enhancement:
- Added support for new format of syslog logs.
2024-11-26
Enhancement:
- Modified the Grok pattern to remove "period" from the data.
- Mapped "server_name" to "target.hostname" and "target.asset.
2024-11-15
Enhancement:
- Mapped "action" to "security_result.action".
2024-09-30
- Changed mapping for "username" from "principal.user.userid", "src.user.userid" to "target.user.userid".
- For the login event, mapped "metadata.event_type" to "USER_LOGIN".
- For the logout event, mapped "metadata.event_type" to "USER_LOGOUT".
- Mapped "application" to "target.application".
- Mapped "bytes_in" to "network.received_bytes".
- Mapped "bytes_out" to "network.sent_bytes".
- Mapped "connection_time_in_seconds", "packets_in" and "packets_out" to "security_result.detection_fields".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-06 UTC."],[[["The change log details enhancements and modifications made to the MIKROTIK_ROUTER system, spanning from May 2024 to February 2025."],["Updates include improvements to the Grok pattern for data parsing, such as changing \"WORD\" to \"DATA\" and removing \"period\" data, and handling \"intermediary.hostname\"."],["Multiple changes have been made to field mappings, including adjustments to metadata for user login and logout events, DHCP logs, and the designation of server names and user information."],["The system now supports a new format of syslog logs, expanding its capability to handle different log structures."],["The parser for the system has been created, marking a new start to the systems abilities."]]],[]]
