Change log for CA_ACCESS_CONTROL

Date Changes
2022-06-29 Enhancement - Modified grok pattern to parse Update Event log types, shutdown logs and start logs.
Mapped "timestamp" to "event.idm.read_only_udm.metadata.collected_timestamp" for SEAUDIT FORMAT Logs.
Mapped "Userid" to "" for Update User, Update Group.
Mapped "event.idm.read_only_udm.metadata.event_type" [User_Uncategorized for Update (User, File, Program, Hnode) and Group_Uncategorized for Update (Group)].
Mapped "about.labels" for Update Hnode log type with key as "policy_name".
Mapped "" for Update Hnode Log Type.
Mapped "" for Update Events.
Mapped "event.idm.read_only_udm.src.user.userid" with the raw field User Name.
Mapped "event.idm.read_only_udm.security_result.rule_type" with command_type for "Security database administration" event type.
2022-04-13 Enhancement - Mapped the following fields: status, reason, stage, class, resource, access, event header, administrator, command, type, sequence number, daemon.