Change log for TERADATA_DB

Date	Changes
2025-03-21	Enhancement: - Newly created parser. - Mapped "ts" to "metadata.event_timestamp". - Mapped "profile_name" to "principal.user.user_display_name". - Mapped "app_id" to "principal.application". - Mapped "client_addr" to "principal.ip" and "principal.asset.ip". - Mapped "client_id" to "principal.user.userid". - Mapped "collect_timestamp" to "event.idm.read_only_udm.additional.fields". - Mapped "default_database" to "target.resource.name". - Mapped "error_code" to "security_result.detection_fields". - Mapped "error_text" to "security_result.summary". - Mapped "host_name" to "principal.hostname" and "principal.asset.hostname". - Mapped "logon_date_time" to "event.idm.read_only_udm.additional.fields". - Mapped "logon_source" to "event.idm.read_only_udm.additional.fields". - Mapped "proc_id" to "principal.process.pid". - Mapped "query_text" to "target.process.command_line". - Mapped "request_mode" to "event.idm.read_only_udm.additional.fields". - Mapped "session_id" to "network.session_id". - Mapped "statement_group" to "event.idm.read_only_udm.additional.fields". - Mapped "statement_type" to "event.idm.read_only_udm.additional.fields". - Mapped "user_id" to "target.user.userid". - Mapped "user_name" to "target.user.user_display_name". - Set "metadata.vendor_name" to "TERADATA". - Set "metadata.product_name" to "TERADATA_DB". - Set "metadata.event_type" to "USER_RESOURCE_ACCESS", "STATUS_UPDATE", or "GENERIC_EVENT" based on the presence of principal, principal user, and target resource.

Date

Changes

2025-03-21

Enhancement:
- Newly created parser.
- Mapped "ts" to "metadata.event_timestamp".
- Mapped "profile_name" to "principal.user.user_display_name".
- Mapped "app_id" to "principal.application".
- Mapped "client_addr" to "principal.ip" and "principal.asset.ip".
- Mapped "client_id" to "principal.user.userid".
- Mapped "collect_timestamp" to "event.idm.read_only_udm.additional.fields".
- Mapped "default_database" to "target.resource.name".
- Mapped "error_code" to "security_result.detection_fields".
- Mapped "error_text" to "security_result.summary".
- Mapped "host_name" to "principal.hostname" and "principal.asset.hostname".
- Mapped "logon_date_time" to "event.idm.read_only_udm.additional.fields".
- Mapped "logon_source" to "event.idm.read_only_udm.additional.fields".
- Mapped "proc_id" to "principal.process.pid".
- Mapped "query_text" to "target.process.command_line".
- Mapped "request_mode" to "event.idm.read_only_udm.additional.fields".
- Mapped "session_id" to "network.session_id".
- Mapped "statement_group" to "event.idm.read_only_udm.additional.fields".
- Mapped "statement_type" to "event.idm.read_only_udm.additional.fields".
- Mapped "user_id" to "target.user.userid".
- Mapped "user_name" to "target.user.user_display_name".
- Set "metadata.vendor_name" to "TERADATA".
- Set "metadata.product_name" to "TERADATA_DB".
- Set "metadata.event_type" to "USER_RESOURCE_ACCESS", "STATUS_UPDATE", or "GENERIC_EVENT" based on the presence of principal, principal user, and target resource.