Change log for DELINEA_SECRET_SERVER
| Date | Changes |
|---|---|
| 2025-11-11 | Enhancement:
- Updated timestamp parsing to use the `EventDateTime` field when available, falling back to `rt`. - event.idm.read_only_udm.security_result.severity_details: Newly mapped `Level` raw log field to `event.idm.read_only_udm.security_result.severity_details`. - event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `Service.Type` raw log field to `event.idm.read_only_udm.target.resource.attribute.labels`. - event.idm.read_only_udm.additional.fields: Newly mapped `ProcessedTime`, `Redelivered`, `RelayEvenIfExpired`, `_ucid`, `ForceCompress`, `Version`, `CorrelationId`, `Source.Host.Network.AddressType` and `TenantSecondaryId` raw log fields to `event.idm.read_only_udm.additional.fields`. |
| 2025-04-23 | Enhancement:
- Added a Grok pattern to support new format of syslog logs. |
| 2025-02-25 | Enhancement:
- Mapped "source_host_network_ipaddress" to "principal.ip". - Mapped "target_host_name" to "target_host_name". - Mapped "machineTimeZone" to "additional.fields". - Mapped "machineName" to "additional.fields". - Mapped "product" to "additional.fields". - Mapped "schemaVersion" to "additional.fields". - Mapped "byUserEmailAddress" to "principal.user.email_addresses". - Mapped "byUserDisplayName" to "principal.user.email_addresses" if "byUserEmailAddress" is not equal to null else "byUserDisplayName" to "additional.fields". |
| 2025-01-29 | Enhancement:
- Added support for a new JSON log format. |
| 2024-09-05 | - Newly created parser
|