Change log for ZSCALER_FIREWALL
Date
Changes
2024-04-08
Enhancement:
- Added a "gsub" function to remove extra brackets to parse JSON logs.
- Mapped "column2" to "principal.user.email_addresses".
- Mapped "column35" to "principal.user.userid".
- Mapped "column36" to "principal.asset_id".
- Mapped "column4" to "additional.fields".
2023-09-12
Enhancement:
- Handled unparsed JSON format logs.
2023-03-28
Enhancement:
- Added some null checks and on_error statements to handle parsing errors.
- Added/Modified Grok patterns to parse the logs with CEF format.
- Handled the cases when "port", "received_bytes" or "ip" were not in their correct form.
2022-04-29
- Migrated to default parser.
- Converted from SDM to UDM.
2022-04-14
- Added new data element for secure result.
- Modified mapping for target application, network duration.