Stay organized with collections
Save and categorize content based on your preferences.
Change log for IBM_DATAPOWER
Date
Changes
2022-12-26
Enhancement:
- Added GROK pattern to parse the unparsed SYSLOG logs.
- If log contains the Logged out and Logged fields, then these events are mapped to the USER_LOGOUT and USER_LOGIN event type, respectively.
2022-06-30
Enhancement:
- Added grok pattern for retrieving "src_ip".
2022-06-10
Enhancement - The newly ingested SYSLOG format logs have been handled and parsed..
- If Log contains any response code value such as 200, 201,203 are mapped to 'network.http.response_code'.
- If Log contains application protocols such as HTTP, FTP etc, are mapped to 'network.application_protocol'.
- If Target IP and Principal Hostname are not null then metadata.event_type mapped to 'NETWORK_UNCATEGORIZED'.
- If Source Ip and Principal Hostname are not null then metadata.event_type mapped to 'STATUS_UPDATE'.
