Change log for HADOOP

Date	Changes
2023-06-05	Enhancemment - Added new Grok pattern to parse new syslog format logs. - Changed "event_type" from "GENERIC_EVENT" to "NETWORK_CONNECTION" when both "principal" and "target" fields are present, otherwise set it to "STATUS_UPDATE". - Mapped "ugi" to "target.ip". - Mapped "tip" to "target.hostname". - Mapped "cmd" to "principal.process.command_line". - Mapped the "hostname" and IP address already mapped to "observer.hostname and observer.ip" to "principal.hostname" and "principal.ip" as well to meet validation requirements.
2022-05-25	Mapped IP to observer.ip.

Date

Changes

2023-06-05

Enhancemment - Added new Grok pattern to parse new syslog format logs.
- Changed "event_type" from "GENERIC_EVENT" to "NETWORK_CONNECTION" when both "principal" and "target" fields are present, otherwise set it to "STATUS_UPDATE".
- Mapped "ugi" to "target.ip".
- Mapped "tip" to "target.hostname".
- Mapped "cmd" to "principal.process.command_line".
- Mapped the "hostname" and IP address already mapped to "observer.hostname and observer.ip" to "principal.hostname" and "principal.ip" as well to meet validation requirements.

2022-05-25

Mapped IP to observer.ip.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-04-05 UTC.