Stay organized with collections Save and categorize content based on your preferences.

Change log for AIRWATCH

Date Changes
2022-12-27 Bug Fix-
- Added support for different type of Syslog Format logs.
- Added specific conditional checks to handle multiple 'event_name'.
2022-09-02 Enhancement-
- Wrote grok to parse the unparsed ccf format logs.
2022-06-29 Enhancement- Parsed log with event_name as "MergeGroupCompletedEvent"
- mapped "GroupManagementData" to "security_result.description".
- mapped "EventSource", "EventModule" to "event.idm.read_only_udm.additional.fields".
- mapped "cat" to "security_result.category_details".
- modified "event.idm.read_only_udm.metadata.event_type" from "GENERIC_EVENT" to "USER_UNCATEGORIZED" in case either of "principal.user.userid" or "target.user.userid" is present.
2022-06-20 Enhancement- Event Category mapped to _udm.additional.fields(event_category)
Added event type GENERIC_EVENT for SecurityInformation, SecurityInformationConfirmed(event_name) to handle unparse log