Change log for UMBRELLA_WEBPROXY
Date | Changes |
---|---|
2024-09-05 | Enhancement:
- Mapped "tld" to "security_result.detection_fields". |
2023-10-17 | Enhancement:
- Mapped "verdict" to "security_result.action". |
2023-09-14 | Enhancement:
- Added v8 support for proxy logs.
- Mapped "dlpstatus" to "security_result.detection_fields".
- Mapped "certificateErrors" to "security_result.detection_fields".
- Mapped "rulesetID" to "security_result.detection_fields".
- Mapped "destinationListID" to "security_result.detection_fields".
- Mapped "isolateAction" to "security_result.detection_fields".
- Mapped "fileAction" to "security_result.detection_fields".
- Mapped "warnstatus" to "security_result.detection_fields".
- Mapped "avDetections" to "security_result.detection_fields".
- Mapped "puas" to "security_result.detection_fields".
- Mapped "ampDisposition" to "security_result.detection_fields".
- Mapped "ampMalware" to "security_result.detection_fields".
- Mapped "ampScore" to "security_result.detection_fields".
- Mapped "responseBodySize" to "security_result.detection_fields".
- Mapped "requestSize" to "network.sent_bytes".
- Mapped "ruleID" to "security_result.rule_id".
- Mapped "fileName" to "target.file.names".
- Mapped "requestMethod" to "network.http.method". |
2023-08-16 | Bug-Fix:
- Modified the conditional check for "identity" field to support both "username with email" and "only email".
- Removed mapping of "identity" to "principal.user.product_object_id" for "AD Users". |
2022-12-16 | Enhancement:
- Modified the conditional check for the field 'email' and mapped to 'principal.user.email_addresses'.
- Modified the conditional check for the field 'destinationIp' and mapped to 'target.ip'. |
2022-09-02 | Enhancement:
- Migrated the custom parsers into the default parser. |
2022-08-19 | Enhancement:
- Handled unparsed logs.
- Added an on-error condition for field "externalIp". |
2022-08-17 | Fix:
- Added new date type to parse dates of format "MM/dd/yy HH:mm". |