Change log for CLAROTY_CTD
| Date | Changes |
|------------|---------|
| 2025-06-18 | - Added `threat_name` in state data by defining and initializing it at the beginning of the code. |
| 2024-12-04 | - Added additional mappings for logs when "eventclass" is "Event", "Alert", "HealthCheck", and "Insight". |
| 2024-11-13 | - Added Grok patterns to parse the hostname and the IP address from the syslog header and map them to "observer.hostname" and "observer.ip" respectively.<br>- Added support for unparsed logs. |
| 2024-10-07 | - Added support to parse new format of unparsed KV logs. |
| 2024-08-28 | - Newly created parser. |

Last updated 2025-09-07 UTC.