Change log for OPENAM
| Date | Changes |
|---|---|
| 2024-02-09 | Enhancement:
- When "eventName" is "AM-SESSION-MAX_TIMED_OUT", then set "metadata.event_type" to "USER_LOGOUT". |
| 2024-02-06 | - Added support for new pattern of JSON logs.
- When "principal" is present and "metadata.event_type" is "GENERIC_EVENT", then set "metadata.event_type" to "STATUS_UPDATE". - When "eventName" is "AM-ACCESS-OUTCOME", then mapped "http.request.headers.host.0" to "tatget.hostname". - When "eventName" is "AM-ACCESS-OUTCOME", then mapped "http.request.headers.user-agent.0" to "network.http.user_agent". - When "eventName" is "AM-ACCESS-OUTCOME", then mapped "http.request.path" to "target.url". - When "eventName" is "AM-ACCESS-OUTCOME", then mapped "http.request.method" to "network.http.method". - When "http.request.secure" is "true", then set "network.application_protocol" to "HTTPS". - When "http.request.secure" is not "true", then set "network.application_protocol" to "HTTP". - Aligned "principal.ip", "target.ip", "target.hostname" to "principal.asset.ip", "target.asset.ip", "target.asset.hostname". |
| 2023-05-19 | - Mapped "extensions.auth.type" to "SSO" where "eventName" indicates login and logout events.
- Added check to "server.ip" prior mapping to UDM. |
| 2023-05-15 | - Added support for JSON format logs.
|
| 2022-12-26 | Bug - The field 'info.ipAddress' is mapped to 'principal.ip'.
|
| 2022-04-29 | Bug - Mapped target.userid for unparsed logs.
|