Change log for BEYONDTRUST_ENDPOINT
Date | Changes |
---|---|
2024-09-05 | Enhancement: - Added support for a new pattern of SYSLOG logs. |
2024-08-28 | Enhancement: - Added support for a new log pattern. |
2024-06-10 | Enhancement: - Enhanced the parser to handle the new logs. - Mapped "Processes.process_exec" to "additional.fields". - Mapped "Processes.action" to "security_result.action". - Mapped "Processes.description" to "metadata.description". - Mapped "Processes.dest" to "target.hostname". - Mapped "Processes.process_id" to "principal.process.pid". - Mapped "Processes.user" to "principal.user.userid". - Mapped "Processes.process" to "principal.application". - Mapped "Processes.user_id" to "principal.user.windows_sid". - Mapped "Processes.parent_process_id" to "principal.process.parent_process.pid". - Mapped "Processes.process_hash", "Processes.process_name", "Processes.parent_process", "Processes.parent_process_exec" to "additional.fields". - Mapped "Processes.process_path" to "principal.process.parent_process.file.full_path". |
2024-03-20 | Newly created parser. |