Change log for AZURE_FIREWALL
| Date | Changes |
|---|---|
| 2024-11-13 | Enhancement:
- Mapped "Action" to "security_result.detection_fields". - Mapped "Signature" to "security_result.detection_fields". - Mapped "IDS" to "security_result.detection_fields". - Mapped "Priority" to "security_result.priority_details". - Mapped "Classification" to "security_result.detection_fields". |
| 2024-09-04 | Enhancement:
- Mapped "from_ip" to "dns.questions.name" for DNS events. |
| 2024-07-02 | Enhancement:
- Added support to handle a new format of timestamp. |
| 2024-04-29 | Enhancement
- Added support to handle a new format of ingested logs. |
| 2024-02-07 | Enhancement
- Mapped "ICMP type" to "additional.fields". - Mapped "Action" and "properties.Action" to "security_result.action_details". |
| 2023-06-01 | Enhancement
- Newly ingested JSON logs of category "AZFWDnsQuery" are parsed. - Mapped "properties.msg" in newly ingested JSON logs of category "AzureFirewallNetworkRule". |
| 2022-04-29 | Bug fix - Newly ingested JSON logs are parsed to increase the overall parsing percentage.
- operationName mapped to metadata.product_event_type. - resourceId mapped to metadata.product_log_id. |