Change log for MIKROTIK_ROUTER
Date | Changes |
---|---|
2025-01-21 | Enhancement:<br>- Mapped "metadata.event_type" to "NETWORK_DHCP" for DHCP logs.<br>- Mapped "client_mac" to "principal.mac".<br>- When "details" has "assigned", then mapped "network.dhcp.type" to "ACK".<br>- When "details" has "deassigned", then mapped "network.dhcp.type" to "RELEASE".<br>- When "details" has "request", then mapped "network.dhcp.type" to "REQUEST".<br>- When "details" has "offer", then mapped "network.dhcp.type" to "OFFER". |
2025-01-20 | Enhancement:<br>- Modified the Grok pattern to parse "intermediary.hostname" data. |
2024-12-18 | Enhancement:<br>- Added support for new format of syslog logs. |
2024-11-26 | Enhancement:<br>- Modified the Grok pattern to remove "period" from the data.<br>- Mapped "server_name" to "target.hostname" and "target.asset. |
2024-11-15 | Enhancement:<br>- Mapped "action" to "security_result.action". |
2024-09-30 | - Changed mapping for "username" from "principal.user.userid", "src.user.userid" to "target.user.userid".<br>- For the login event, mapped "metadata.event_type" to "USER_LOGIN".<br>- For the logout event, mapped "metadata.event_type" to "USER_LOGOUT".<br>- Mapped "application" to "target.application".<br>- Mapped "bytes_in" to "network.received_bytes".<br>- Mapped "bytes_out" to "network.sent_bytes".<br>- Mapped "connection_time_in_seconds", "packets_in" and "packets_out" to "security_result.detection_fields". |
2024-05-28 | Newly created parser. |