Change log for ARISTA_SWITCH
| Date | Changes |
|---|---|
| 2025-10-15 | Enhancement:
- event.idm.read_only_udm.additional.fields: Newly mapped `vlan_id` raw log field to `event.idm.read_only_udm.additional.fields`. - Enhanced date parsing for `event.idm.read_only_udm.metadata.event_timestamp` to add support for "MMM d HH:mm:ss" and "MMM dd HH:mm:ss" date formats. - Updated syslog grok patterns to parse the raw log field `timestamp` using both `SYSLOGTIMESTAMP` and `TIMESTAMP_ISO8601` patterns. |
| 2024-06-07 | Enhancement:
- Added a Grok pattern to parse the new pattern of SYSLOG format logs. - Mapped "principal_mac" to "principal.mac". - Mapped "principal_port" to "principal.port". |
| 2024-03-17 | Enhancement:
- Added a Grok pattern to parse SYSLOG format logs. - Mapped "user" to "principal.user.userid". - Mapped "proto" to "network.application_protocol". - Mapped "prin_ip" to "principal.ip". |
| 2022-08-03 | Newly created parser
|