Change log for CB_APP_CONTROL
Date | Changes |
---|---|
2024-07-29 | Enhancement<br>- Added a Grok pattern to extract the hostname and mapped it to "intermediary.hostname". |
2022-07-01 | Enhancement<br>- Mapped the field 'agent.type' to 'observer.application'.<br>- Mapped the field 'agent.name' to 'observer.user.userid'.<br>- Mapped the field 'host.name' to 'observer.hostname'.<br>- Mapped the field 'agent.type' and 'agent.name' to 'observer.asset_id'.<br>- Mapped the field 'agent.ephemeral_id' to 'observer.labels'.<br>- Mapped the field 'host.os.platform' to 'target.platform'.<br>- Mapped the field 'host.os.version' to 'target.platform_version'.<br>- Mapped the field 'host.os.kernel' to 'target.platform_patch_level'.<br>- Mapped the field 'cloud.instance.id' to 'principal.resource.product_object_id'.<br>- Mapped the field 'cloud.instance.name' to 'principal.resource.name'.<br>- Mapped the field 'host.mac' to 'target.mac'.<br>- Mapped the field 'host.ip' to 'target.asset.ip'.<br>- Mapped the field 'host.id' to 'target.asset.asset_id'.<br>- Mapped the field 'host.architecture' to 'target.asset.hardware'.<br>- Mapped the field 'message.UserSID' to 'principal.user.userid'.<br>- Mapped the field 'message.ProcessPath' to 'about.process.command_line'.<br>- Mapped the field 'cloud.machine.type' and 'cloud.provider' to 'principal.resource.attribute.labels'.<br>- Added conditional checks for 'message.Bit9Server' and 'message.HostId' mapped to 'metadata.url_back_to_product'. |
2022-06-22 | Bug-Fix<br>- Mapped hostId to principal.asset_id<br>- Mapped Bit9Server and HostId combination to metadata.url_back_to_product |
2022-05-19 | Bug-Fix<br>- Parsed requested logs in the bug<br>- Parsed API failed logs |