Stay organized with collections
Save and categorize content based on your preferences.
Change log for SIGNAL_SCIENCES_WAF
Date
Changes
2024-05-13
Enhancement:
- Added support to handle array of JSON logs.
2023-11-22
Enhancement:
- Added a Grok pattern to validate "remoteIP".
- Added on_error function for fields "tag.detector", "tag.link", "tag.location", "tag.redaction", "tag.type", and "tag.value1".
2023-09-16
Bug-Fix:
- Added a condition check to avoid mapping negative values to "network.received_bytes" and "network.http.response_code".
2023-02-21
Bug-Fix
- Added gsub to fix the issue of userid and username not displayed in the udm mapping of "target.user.user_display_name" and "target.user.userid", respectively.
2022-11-25
Enhancement
- Enhanced the parser to support new log format.
2022-11-03
Enhancement
- Mapped "created" to "metadata.timestamp".
- Checked for not null conditions for following:
"remoteIP", "responseSize", "uri", "remoteHostname","serverName","userAgent","method","remoteCountryCode","id" prior mapping to udm.
- Mapped "eventType" to "metadata.product_event_type".
- Mapped "message_data" to "metadata.description".
- Mapped "username" to "target.user.user_display_name".
- Mapped "userid" to "target.user.userid".
- Mapped "attachments.Fields.Title" , "attachments.Fields.Value" to "metadata.ingestion_labels" key and value.
- Mapped "msgData.detailLink" to "network.http.referral_url".
- Mapped "msgData.name" to "target.resource.name".
- Mapped "msgData.changes" to "target.resource.attribute.labels".
- Mapped "msgData.reason" to "security_result.summary".
- Mapped "msgData.conditions" to "security_result.description".
- Mapped "msgData.sites" to "network.http.user_agent".
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-13 UTC."],[[["The change log documents enhancements to the SIGNAL_SCIENCES_WAF, including added support for handling arrays of JSON logs."],["Recent updates include a Grok pattern for \"remoteIP\" validation and an on_error function for various tag fields."],["Bug fixes addressed issues such as preventing negative values in \"network.received_bytes\" and \"network.http.response_code\" and fixing username/userid display in udm mapping."],["Enhancements were made to support new log formats and to map various log fields to UDM (Unified Data Model), including details like \"metadata.timestamp\", \"target.user.userid\", and \"network.http.referral_url\"."],["The parser now includes null checks for fields such as \"remoteIP\", \"responseSize\", and \"uri\" before mapping to UDM."]]],[]]
