Change log for ARUBA_WIRELESS
Date | Changes |
---|---|
2024-09-04 | Enhancement:
- Added support for a new pattern of SYSLOG logs. |
2024-08-26 | Enhancement:
- Added support to handle unparsed SYSLOG logs. - Mapped "details" to "metadata.description". |
2024-06-18 | Enhancement:
- Added support to handle unparsed SYSLOG logs. |
2024-04-18 | Enhancement :
- Added a Grok pattern to extract valid value from "ap_name". - Mapped "ap_name" to "additional.fields". |
2023-05-25 | Bug-Fix :
- Parsed logs failing due to a different log pattern. |
2022-09-15 | Bug-Fix :
- Modified grok pattern to parse logs which may have date field in the timestamp of log and also certain logs may not have key "userip" in the log. - Modified "metadata.event_type" from "GENERIC_EVENT" to "STATUS_UPDATE" wherever possible. |
2022-08-23 | Enhancement-
- Migrated customer specific parser to default parser. - Modified mapping for 'metadata.event_type' from 'GENERIC_EVENT' to 'USER_RESOURCE_ACCESS' where event_id is '132053'. |
2022-03-30 | Enhancement - Added following new Event Ids "124003", "126037", "126038", "199801", "235008", "235009", "304119", "306602", "326091", "326098", "326271", "326272", "326273", "326274", "326275", "326276", "326277", "326278", "326284", "341004", "350008", "351008", "358000", "393000", "399815", "520013", "522274", "541004"
Changed "metadata.event_type" where the "Event Id" is "126034", "126064", "127064", "132006", "132030", "132093", "132094", "132197" from "GENERIC_EVENT" to "SCAN_UNCATEGORIZED" Changed "metadata.event_type" where the "Event Id" is "132207" from "GENERIC_EVENT" to "NETWORK_CONNECTION" Changed "metadata.event_type" where the "Event Id" is "520002" from "GENERIC_EVENT" to "USER_UNCATEGORIZED" Mapped "intermediary.hostname", "intermediary.mac", "intermediary.ip", "target.application", "target.process.pid" Mapped "logstash.irm_site", "logstash.irm_environment", "logstash.irm_region" to "additional.fields" |