Change log for AZURE_WAF
Date | Changes |
---|---|
2024-08-22 | Enhancement:<br>- Mapped "properties.ruleSetType" to "security_result.detection_fields".<br>- When "ruleName" and "ruleSetType" are null, mapped "properties.ruleSetType" to "security_result.rule_name".<br>- Mapped "properties.details.data" to "security_result.detection_fields".<br>- Mapped "properties.message" to "security_result.description". |
2024-06-10 | Enhancement:<br>- Modified the mapping of "properties.originalHost" (falling back to "properties.host" when "originalHost" is empty) to the "target.hostname" and "target.asset.hostname" fields.<br>- Added a conditional check for "dest_ip".<br>- Combined "properties.requestUri" and "target_hostname" to get "target_url". |
2024-04-07 | Enhancement:<br>- Mapped "rec.properties.clientIp" to "principal.ip".<br>- Defined "rec_properties_trackingReference", "rec_properties_host", "rec_properties_policyMode", "rec_properties_ruleName", "rec_properties_policy", "rec_properties_details_msg", "rec_properties_clientIP", and "rec_time" in state data. |
2023-07-14 | Enhancement:<br>- Added a "for" loop to handle JSON logs. |
2023-02-28 | Enhancement:<br>- Mapped "properties.ruleName" to "security_result.rule_name".<br>- Mapped "properties.action" to "security_result.action".<br>- Added on_error check for "properties.clientPort", "properties.httpStatus", "properties.receivedBytes", "properties.sentBytes", "properties.clientResponseTime", "properties.timeTaken". |
2022-10-22 | Newly created parser |