Change log for NASUNI_FILE_SERVICES
| Date | Changes |
|---|---|
| 2025-03-24 | - Added support for "csv" format.
- event.idm.read_only_udm.section_result.action_details: Newly mapped `action` raw log field with `event.idm.read_only_udm.section_result.action_details` UDM field. - event.idm.read_only_udm.target.user.group_identifiers: Newly mapped `group_identifiers` raw log field with `event.idm.read_only_udm.target.user.group_identifiers` UDM field. - event.idm.read_only_udm.metadata.event_timestamp: Newly mapped `event_timestamp` raw log field with `event.idm.read_only_udm.metadata.event_timestamp` UDM field. - event.idm.read_only_udm.principal.asset.ip: Newly mapped `ipaddr` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field. - event.idm.read_only_udm.principal.asset.hostname: Newly mapped `host` raw log field with `event.idm.read_only_udm.principal.asset.hostname` UDM field. - Added grok pattern in order to map `ipaddr` raw log field with `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip` UDM fields only if it is a valid IP. |
| 2022-08-21 | - Mapped "newpath" to "additional.fields".
|
| 2022-08-08 | Enhancement:
- Added a Grok pattern to handle new SYSLOG logs. - Added conditonal check for "event_type" "FILE_UNCATEGORIZED". - Added "event_type" "STATUS_UPDATE" - Mapped "application" to "target.application". - Mapped "prin_port" to "principal.port". - Mapped "host" to "principal.hostname". - Mapped "proc_id" to "principal.process.pid". |
| 2022-07-07 | Newly created parser
|