Stay organized with collections
Save and categorize content based on your preferences.
Change log for WINDOWS_NET_POLICY_SERVER
Date
Changes
2024-12-26
- Added support for JSON logs.
2024-12-05
- Added a new Grok pattern to extract "src_ip" and mapped it to "principal.ip" and "principal.asset.ip".
2024-03-27
- Added a check for "calling_station_id", "device-mac" and "mac_address".
- If "nas_port" is not in the range 1 and 65535, then mapped "nas_port" to "target.resource.attribute.labels".
2022-11-21
- Mapped event_source to target.application
- added new grok pattern to parse the data
- Mapped called-station_Id/macaddress to target.mac
- Mapped calling-station-Id/macaddress to principal.mac
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThe system now supports JSON logs as of December 26, 2024.\u003c/p\u003e\n"],["\u003cp\u003eA new Grok pattern was added on December 5, 2024, to extract "src_ip" and map it to "principal.ip" and "principal.asset.ip".\u003c/p\u003e\n"],["\u003cp\u003eAs of March 27, 2024, the system checks for "calling_station_id", "device-mac", and "mac_address", and maps "nas_port" to "target.resource.attribute.labels" if it's outside the 1-65535 range.\u003c/p\u003e\n"],["\u003cp\u003eOn November 21, 2022, event_source was mapped to target.application, new grok pattern was added to parse data, and called/calling-station_Id/macaddress were mapped to target.mac/principal.mac.\u003c/p\u003e\n"]]],[],null,["# Change log for WINDOWS_NET_POLICY_SERVER\n========================================"]]
