Change log for GMAIL_LOGS
| Date | Changes |
|---|---|
| 2023-12-22 | Bug-Fix:
- Mapped "message_info.source.address" to "network.email.from". |
| 2023-12-07 | Bug-Fix:
- Added convert block to convert the respective data to string. - Mapped "message_info.source.from_header_address" to "network.email.from". |
| 2023-08-21 | Enhancement:
- Added null check for JSON plugin and dropped malformed logs. - Mapped 'email' to 'princpal.email_addresses'. - Mapped 'token.client_id' to 'principal.user.group_identifiers'. - Mapped 'token.app_name' to 'principal.application'. - Mapped 'token.scope_data.0.product_bucket.0' to 'additional.fields'. - Mapped 'record_type' to 'additional.fields'. - Mapped 'token.client_type' to 'additional.fields'. - Mapped 'event_name' to 'metadata.product_event_type'. |
| 2023-06-06 | Enhancement:
- Mapped "event_info.success" to "security_result.action". - when "event_info.success" is "true" , "security_result.action" is set "ALLOW". - when "event_info.success" is "false" , "security_result.action" is set "BLOCK". |
| 2023-05-19 | Enhancement:
- Mapped "attachment.file_name" to "about.file.full_path". - Mapped "message_info.post_delivery_info.action_type", "message_info.post_delivery_info.interaction.link_url", "event_info.mail_event_type" to "additional.fields". |
| 2023-03-31 | Enhancement:
- The field 'message_info.source.service' and 'message_info.source.selector' is mapped to 'principal.application'. - The field 'message_info.destination.0.service' and 'message_info.destination.0.selector' is mapped to 'target.application'. - The field 'message_info.triggered_rule_info[n].string_match[n].predefined_detector_name' is mapped to 'security_result.detection_fields'. - The field 'message_info.triggered_rule_info[n].string_match[n].matched_string' is mapped to 'security_result.detection_fields'. - The field 'message_info.triggered_rule_info[n].string_match[n].match_expression' is mapped to 'security_result.detection_fields'. - The field 'message_info.triggered_rule_info[n].string_match[n].source' is mapped to 'security_result.detection_fields'. - The field 'message_info.triggered_rule_info[n].string_match[n].type' is mapped to 'security_result.detection_fields'. - The field 'message_info.num_message_attachments' is mapped to 'additional.fields'. - Added a 'for' loop to map the extracted fields from 'message_info.destination'. - Added a 'for' loop to map the extracted fields from 'message_info.attachment'. - Added null conditional checks for several fields. |