Change log for PROOFPOINT_CASB
| Date | Changes |
|---|---|
| 2025-03-20 | Enhancement:
- Mapped "id" , "tenant_id" and "type" fields to "additional.fields". - Mapped "sub_type" to "target.resource.resource_subtype". - Mapped "severity" to "security_result.severity". - Mapped "description" to "security_result.description". - Mapped "title" to "metadata.description". - Mapped "threat" to "security_result.threat_name". - Mapped "sub_category" to "security_result.summary". - Mapped "category" to "security_result.category_details". - Mapped "classification id to "security_result.rule_id". - Mapped "ip_address" to "principal.ip". - Mapped "geo_location_latitude" to "principal.location.region_latitude". - Mapped "geo_location_longitude" to "principal.location.region_longitude". - Mapped "location" to "principal.location.name". - Mapped "user_agent" to "network.http.user_agent". - Mapped "full_name" to "principal.user.user_display_name". - Mapped "user_email" to "principal.user.email_addresses". - Mapped "user_id" to "principal.user.userid". - Mapped "event_id" to "metadata.product_log_id". - Mapped "cloud_services" to "target.application". |
| 2025-03-14 | Enhancement:
- Added support for new format of JSON logs. |
| 2024-09-07 | - Newly created parser.
|