Console

Change log for SOPHOS_AV

Date	Changes
2024-08-22	Enhancement - - Added a Grok pattern to parse new logs. - Mapped "appSha256" to "principal.file.sha256".
2022-07-27	Enhancement - - Added conditional check for fields "rule" and "rules". - Mapped "src_ip" to "principal.ip". - Mapped "f_path" to "target.file.full_path". - Mapped "rules" to "security_result.rule_name". - Mapped "url" to "target.url". - Mapped "application" to "target.application". - Mapped "duid" to "target.user.userid". - Mapped "endpoint_type" to "security_result.about.labels". - Mapped "endpoint_id" to "security_result.about.labels". - Mapped "id" to "principal.resource.id". - Mapped "customer_id" to "target.resource.id".

Date

Changes

2024-08-22

Enhancement -
- Added a Grok pattern to parse new logs.
- Mapped "appSha256" to "principal.file.sha256".

2022-07-27

Enhancement -
- Added conditional check for fields "rule" and "rules".
- Mapped "src_ip" to "principal.ip".
- Mapped "f_path" to "target.file.full_path".
- Mapped "rules" to "security_result.rule_name".
- Mapped "url" to "target.url".
- Mapped "application" to "target.application".
- Mapped "duid" to "target.user.userid".
- Mapped "endpoint_type" to "security_result.about.labels".
- Mapped "endpoint_id" to "security_result.about.labels".
- Mapped "id" to "principal.resource.id".
- Mapped "customer_id" to "target.resource.id".

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-08-29 UTC.