Change log for F5_VPN
Date | Changes |
---|---|
2022-07-22 | Enhancement:
- Modified grok pattern to parse the date present in "RFC 3339" format. - Added "gsub" to remove "/" from "resource_id". |
2022-07-08 | Enhancement:
- Mapped "uri_path" to "target.url". - Mapped "protocol" to "network.application_protocol". - Mapped "method" to "network.http.method". - Mapped "User-Agent" to "network.http.user_agent". - Mapped "s_ip" to "src.ip". - Mapped "t_ip" to "target.ip". - Mapped "t_port" to "target.port". - Mapped "s_nat_ip" to "target.nat_ip". - Mapped "ip_protocol" to "network.ip_protocol". - Mapped "descrip" to "security_result.description". - Mapped "user" to "principal.user.userid". - Mapped "command" to "target.process.command_line". When "application" is equal to "logger" - Mapped "cipher_name" to "network.tls.cipher". - Mapped "tls_version" to "network.tls.version". - Mapped "resource_id" to "target.resource.id" - Mapped "src_ip" to "principal.ip". - Mapped "url" to "network.http.referral_url". - Mapped "status" to "network.http.response_code". |
2022-07-08 | Enhancement:
- Mapped "uri_path" to "target.url". - Mapped "protocol" to "network.application_protocol". - Mapped "method" to "network.http.method". - Mapped "User-Agent" to "network.http.user_agent". - Mapped "s_ip" to "src.ip". - Mapped "t_ip" to "target.ip". - Mapped "t_port" to "target.port". - Mapped "s_nat_ip" to "target.nat_ip". - Mapped "ip_protocol" to "network.ip_protocol". - Mapped "descrip" to "security_result.description". - Mapped "user" to "principal.user.userid". - Mapped "command" to "target.process.command_line". When "application" is equal to "logger" - Mapped "cipher_name" to "network.tls.cipher". - Mapped "tls_version" to "network.tls.version". - Mapped "resource_id" to "target.resource.id" - Mapped "src_ip" to "principal.ip". - Mapped "url" to "network.http.referral_url". - Mapped "status" to "network.http.response_code". |