Change log for EFFICIENTIP_DDI
| Date | Changes |
|---|---|
| 2024-11-07 | Enhancement:
- Mapped "hostname" to "principal.hostname" and "principal.asset.hostname". - When "data.code" is "1", then set "additional.fields.key" to "subnet_mask". - When "data.code" is "2", then set "additional.fields.key" to "time_offset". - When "data.code" is "4", then set "additional.fields.key" to "time_server". - When "data.code" is "3", then set "additional.fields.key" to "default_router". - When "data.code" is "6", then set "additional.fields.key" to "dns". - When "data.code" is "12", then set "additional.fields.key" to "hostname". - When "data.code" is "15", then set "additional.fields.key" to "domain". - When "data.code" is "42", then set "additional.fields.key" to "ntp". - When "data.code" is "51", then set "additional.fields.key" to "lease_time". - When "data.code" is "58" or "59", then set "additional.fields.key" to "renewal_time". - When "data.code" is "60", then set "additional.fields.key" to "class_identifier". - When "data.code" is "61", then set "additional.fields.key" to "client_identifier". - When "data.code" is "69", then set "additional.fields.key" to "smtp". - When "data.code" is "70", then set "additional.fields.key" to "pop3". - When "data.code" is "81", then set "additional.fields.key" to "fqdn". - When "data.code" is "100", then set "additional.fields.key" to "posix". - When "data.code" is "101", then set "additional.fields.key" to "time_zone". - When "data.code" is "119", then set "additional.fields.key" to "dns_searchlist". - When "data.code" is "121", then set "additional.fields.key" to "static_route". |
| 2024-08-21 | Enhancement:
- When "activity-type" is dns related, then mapped "metadata.event_type" to "NETWORK_DNS". |
| 2024-06-11 | Enhancement:
- Handled unparsed JSON logs. |