Change log for UMBRELLA_IP
| Date | Changes |
|---|---|
| 2025-08-07 | Enhancement:
- Remove uneccesssary initialization of variables to correctly populate the fields. |
| 2025-02-27 | Enhancement:
- Added support to parse unparsed csv logs. |
| 2022-08-22 | Enhancement:
- Mapped the field 'action' to 'security_result.action' and 'security_result.action_details'. - Added grok for the field 'query_type' and mapped it to 'network.dns.questions.type'. - Mapped the field 'domain' to 'network.dns.questions.name'. - Mapped 'DNS' to 'network.application_protocol'. - Mapped the field 'response_code' to 'network.dns.response_code'. - Mapped 'security_result.category' to 'NETWORK_MALICIOUS' where the field 'categories' contains 'Malware' and 'NETWORK_SUSPICIOUS' where 'categories' contains 'Potentially Harmful'. - Mapped the field 'categories' to 'security_result.category_details'. |