Change log for ZSCALER_FIREWALL
Date | Changes |
---|---|
2024-04-08 | Enhancement: - Added a "gsub" function to remove extra brackets to parse JSON logs. - Mapped "column2" to "principal.user.email_addresses". - Mapped "column35" to "principal.user.userid". - Mapped "column36" to "principal.asset_id". - Mapped "column4" to "additional.fields". |
2023-09-12 | Enhancement: - Handled unparsed JSON format logs. |
2023-03-28 | Enhancement: - Added some null checks and on_error statements to handle parsing errors. - Added/Modified Grok patterns to parse the logs with CEF format. - Handled the cases when "port", "received_bytes" or "ip" were not in their correct form. |
2022-04-29 | - Migrated to default parser. - Converted from SDM to UDM. |
2022-04-14 | - Added new data element for secure result. - Modified mapping for target application, network duration. |