Change log for MCAFEE_WEBPROXY
Date | Changes |
---|---|
2023-06-17 | Enhancement-
- Mapped "sr_bytes" to "network.send_bytes". - Mapped "user" to "principal.user.userid". - Mapped "client_ip" to "principal.ip". |
2023-05-31 | Bug-fix-
- Added Grok pattern to parse logs failing due to extra '-' in CSV format logs. |
2023-01-27 | Enhancement-
- Mapped "requested_host" and "requested_path" to "target.url". - Mapped "username" to "principal.user.userid". - Mapped "destination_ip" to "target.ip". - Mapped "destination_port" to "target.port". - Mapped "client_ip" to "intermediary.ip". - Mapped 'user_agent' to 'network.http.parsed_user_agent'. |
2023-01-16 | Enhancement-
- Added grok pattern for unparsed log. - Mapped "target_ip" to "target.ip". - Mapped "response_code" to "network.http.response_code". - Mapped "category_details" to "security_result.category_details". - Mapped "risk" to "security_result.category_details". |
2022-09-21 | Merged customer specific parser to default. Added Mapping for unparsed log. - Added on error check for "kv_entry.server_ip","kv_entry.method",kv_entry.src_ip","kv_entry.server_ip","kv_entry.url_port","kv_entry.url","kv_entry.status_code" "kv_entry.auth_user","kv_entry.host","kv_entry.user_agent","kv_entry.bytes_from_client","kv_entry.bytes_to_client,"kv_entry.rep_level,"kv_entry.block_reason",kv_entry.categories","kv_entry.application_name","kv_entry.block_res" |