Change log for SECURELINK
Date
Changes
2023-09-13
Enhancement:
- Added a Grok pattern to parse syslog logs.
- Mapped "msg" to "metadata.description".
- Mapped "dst_ip" to "target.ip".
- Mapped "src_ip" to "principal.ip".
- Mapped "proto" to "network.ip_protocol".
- Mapped "priority" to "security_result.severity_details".
- Mapped "classification" to "additional.fields".
- Mapped "url" to "target.url".
2023-08-09
Bug-Fix:
- Modified Grok pattern to parse the "key" field.
2022-07-13
Enhancement:
- Modified Grok pattern to parse "systemd", "journal", "sshd", "sudo", "su", "CROND", "suricata", "ntpd", "kernel", "suricata-config", "stunnel" log types.
- Changed metadata.event_type from "GENERIC_EVENT" to "STATUS_UPDATE" where principal.hostname is not null.
- Changed metadata.event_type from "GENERIC_EVENT" to "USER_UNCATEGORIZED" where target.user.userid is not null.
Last updated 2024-10-30 UTC.