Change log for PAN_PANORAMA
Date | Changes |
---|---|
2024-09-10 | Enhancement:<br>- Removed duplicate mapping for "security_result.detection_fields".<br>- Modified field value for "metadata.product_event_type". |
2024-09-02 | Enhancement:<br>- Mapped "sub_type" to "additional.fields". |
2024-07-19 | Enhancement:<br>- Implemented parsing for 'Threat' subtype and modified existing parsers to accurately populate the corresponding UDM field.<br>- Added support for CSV logs where "type" is equal to "CONFIG". |
2024-07-10 | Enhancement:<br>- Added support for "USERID" CSV logs. |
2024-07-09 | Enhancement:<br>- When "type" is "SYSTEM" then mapped "sub_type" to "security_result.detection_fields". |
2024-06-15 | Enhancement:<br>- When "target_port" is not empty, then mapped "target_port" to "target.port". |
2024-01-25 | Enhancement:<br>- Mapped "characterstic_of_app" to "security_result.summary".<br>- Mapped "pkts_received" to "network.received_packets".<br>- Mapped "pkts_sent" to "network.sent_bytes".<br>- Mapped "md5hash" to "principal.file.md5".<br>- Mapped "sha256hash" to "principal.file.sha256".<br>- Mapped "sha1hash" to "principal.file.sha1".<br>- Mapped "about_file_mime_type" to "principal.file.mime_type".<br>- Mapped "principal_ip" to "principal.asset.ip".<br>- Mapped "principal_ip1" to "principal.asset.ip".<br>- Mapped "principal_ip2" to "principal.asset.ip".<br>- Mapped "principal_ip3" to "principal.asset.ip".<br>- Mapped "principal_hostname" to "principal.asset.hostname".<br>- Mapped "target_ip" to "target.asset.ip".<br>- Mapped "target_ip1" to "target.asset.ip".<br>- Mapped "target_hostname" to "target.asset.hostname".<br>- Mapped "intermediary_hostname" to "intermediary.asset.hostname".<br>- Mapped "category_of_app" to "security_result.category_details".<br>- Mapped "subcategory_of_app1" to "security_result.category_details".<br>- Mapped "subcategory_of_app" to "security_result.category_details". |
2023-08-07 | - Newly created parser. |