Change log for UMBRELLA_IP

Date	Changes
2022-08-22	Enhancement: - Mapped the field 'action' to 'security_result.action' and 'security_result.action_details'. - Added grok for the field 'query_type' and mapped it to 'network.dns.questions.type'. - Mapped the field 'domain' to 'network.dns.questions.name'. - Mapped 'DNS' to 'network.application_protocol'. - Mapped the field 'response_code' to 'network.dns.response_code'. - Mapped 'security_result.category' to 'NETWORK_MALICIOUS' where the field 'categories' contains 'Malware' and 'NETWORK_SUSPICIOUS' where 'categories' contains 'Potentially Harmful'. - Mapped the field 'categories' to 'security_result.category_details'.

Date

Changes

2022-08-22

Enhancement:
- Mapped the field 'action' to 'security_result.action' and 'security_result.action_details'.
- Added grok for the field 'query_type' and mapped it to 'network.dns.questions.type'.
- Mapped the field 'domain' to 'network.dns.questions.name'.
- Mapped 'DNS' to 'network.application_protocol'.
- Mapped the field 'response_code' to 'network.dns.response_code'.
- Mapped 'security_result.category' to 'NETWORK_MALICIOUS' where the field 'categories' contains 'Malware' and 'NETWORK_SUSPICIOUS' where 'categories' contains 'Potentially Harmful'.
- Mapped the field 'categories' to 'security_result.category_details'.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2024-04-24 UTC.