Change log for ARBOR_SIGHTLINE
Date
Changes
2024-04-22
- Added support for new fields.
2022-12-16
- Mapped "Active/Cleared" to "security_result.threat_status".
2022-11-16
Enhancement:
- Added "timezone"="Europe/London" to match the date to BST format.
2022-11-04
- Added grok pattern to parse syslog logs.
- Mapped "intem_host" to "target.group.product_object_id".
- Mapped "alert_id" and "parent_managed_object" to "security_result.detection_fields".
- When "message" is equal to "Host Detection", set "metadata.product_event_type" to "Host Detection".
- When "message" is equal to "started", set "metadata.product_event_type" to "TMS Mitigation started".
- When "message" is equal to "stopped", set "metadata.product_event_type" to "TMS Mitigation stopped".
Last updated 2024-11-06 UTC.