Change log for APACHE

Date Changes
2023-02-20 Enhancement:
- Modified Grok pattern to support incorrect log parsing.
- Converted "user_agent" to "network.http.parsed_user_agent".
2022-09-21 Enhancement:
- Migrated to default parser.
2022-09-07 Enhancement:
- Added grok patterns to parse logs in JSON + syslog format.
- Mapped the field 'host.name' and 'hostname' to 'target.hostname'.
- Mapped the field 'log.file.path' to 'principal.process.file.full_path'.
- Mapped the field 'mac' to 'principal.mac'.
- Mapped the field 'ip' to 'principal.asset.ip'.
- Mapped the field 'os.version' to 'principal.platform_version'.
- Mapped the field 'os.kernel' to 'principal.platform_patch_level'.
- Mapped the field 'os.platform' to 'principal.platform'.
- Mapped the field 'architecture' to 'principal.asset.hardware'.
- Mapped the field 'id' to 'principal.asset.asset_id'.
2022-05-12 Enhancement:
- Added grok patterns for unique unparsed logs.
- Added conditional checks for 'network.http.user_agent' and 'network.http.referral_url'.
- Added support for Apache Traffic Server (ATS) proxy logs.