Change log for CISCO_WIRELESS
Date | Changes |
---|---|
2024-01-10 | Enhancement -
- Added Grok patterns to parse newly ingested unparsed logs. - Handled logs when the value of "mnemonic" is not null and the value is "SEC_LOGIN-5-LOGIN_SUCCESS" and "CRL_LDAP_QUERY". - Mapped "msg1" to "metadata.description". - Mapped "messageToProcess" to "metadata.description". |
2023-02-09 | Enhancement -
- Supported new logs which has field "PARSE_ERROR". - Added grok pattern to support new logs. |
2022-09-08 | Fix -
- Corrected a typo error: On line 1239 in include file added comment marker '#' proceeding to the word 'security'. |
2022-08-22 | Enhancement
- Moved customer specific parser changes to default parser - Added grok patterns to parse the drop logs - Removed drop tags to enhance the parser - Changed the field mapping of "event.idm.read_only_udm.metadata.event_type" from "GENERIC_EVENT" to "STATUS_UNCATEGORIZED" and "STATUS_UPDATE" - Mapped "messageToProcess" field to "event.idm.read_only_udm.metadata.description" - Mapped "src_ip" field to "event.idm.read_only_udm.principal.ip" - Mapped "wlc_controller" to "event.idm.read_only_udm.principal.hostname" - Mapped "event.idm.read_only_udm.metadata.event_type" to "USER_RESOURCE_ACCESS" |