Stay organized with collections
Save and categorize content based on your preferences.
Change log for SYMANTEC_VIP
Date
Changes
2023-03-03
Enhancement- Mapped "userid" to "target.user.userid" for the logs that were not parsed already.
- Mapped "event_type" to "USER_LOGIN" for the logs where "userid" is present
else if "principal.hostname" is present then mapped "event_type" to "STATUS_UPDATE",
else mapped it to "GENERIC_EVENT".
- Parsed the logs that were dropped initially.
2022-08-03
BugFix - Added the grok pattern to handle the unparsed logs having log_type "remove_credentials".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-04-12 UTC."],[[["The change log details updates for SYMANTEC_VIP, with a focus on log parsing and mapping."],["On March 3rd, 2023, enhancements included mapping \"userid\" and defining \"event_type\" based on log content, also fixed issues that resulted in logs being dropped."],["On August 3rd, 2022, a bug fix was implemented to parse logs with the \"remove_credentials\" log\\_type."]]],[]]
