Change log for POSTFIX_MAIL
| Date | Changes |
|---|---|
| 2024-06-25 | Enhancement:
- Added support to parse new format of syslog logs. |
| 2024-05-22 | Enhancement
- Added a Grok pattern to extract "from" and "to" email addresses, "subject", and "filename" from the raw log and set "metadata.event_type" to "EMAIL_TRANSACTION". |
| 2022-10-06 | Enhancement
- Modified grok pattern to parse the logs. |
| 2022-07-18 | Enhancement
- Mapped host.hostname to principal.hostname. - Mapped host.ip to principal.ip. - Mapped host.mac to principal.mac. - Mapped host.id to principal.asset.asset_id. - Mapped host.os.name to principal.platform. - Mapped network.ip_protocol to TCP if input.type is tcp. - Mapped log.source.address data src_ip to principal.ip, src_port to principal.port. - Mapped agent.id to metadata.product_log_id. - Mapped agent.type to metadata.product_event_type. - Mapped agent.version to metadata.product_version. - Mapped source_ip to principal.ip. - Mapped source_hostname to principal.hostname. - Mapped target_email to network.email.to if it is an email else mapped to target.user.userid. - Mapped from_user to network.email.from. |