Change log for JOURNALD
| Date | Changes |
|---|---|
| 2025-10-03 | Enhancement:<br>- event.idm.read_only_udm.metadata.description: Newly mapped `MESSAGE` raw log field with `event.idm.read_only_udm.metadata.description` UDM field.<br>- event.idm.read_only_udm.network.email.mail_id: Newly mapped `message_id` field with `event.idm.read_only_udm.network.email.mail_id` UDM field.<br>- event.idm.read_only_udm.src.user.user_display_name: Newly mapped `from` raw log field with `event.idm.read_only_udm.src.user.user_display_name` UDM field.<br>- event.idm.read_only_udm.src.user.userid: Newly mapped `uid` raw log field with `event.idm.read_only_udm.src.user.userid` UDM field.<br>- event.idm.read_only_udm.principal.hostname: Newly mapped `_HOSTNAME` raw log field with `event.idm.read_only_udm.principal.hostname` UDM field.<br>- event.idm.read_only_udm.target.user.userid: Newly mapped `_UID` raw log field with `event.idm.read_only_udm.target.user.userid` UDM field.<br>- event.idm.read_only_udm.principal.resource.attribute.labels: Newly mapped `_GID`, `_SYSTEMD_UNIT` raw log fields with `event.idm.read_only_udm.principal.resource.attribute.labels` UDM field.<br>- event.idm.read_only_udm.target.process.pid: Newly mapped `_PID` raw log field with `event.idm.read_only_udm.target.process.pid` UDM field.<br>- event.idm.read_only_udm.principal.process.pid: Newly mapped `SYSLOG_PID` raw log field with `event.idm.read_only_udm.principal.process.pid` UDM field.<br>- event.idm.read_only_udm.principal.process.file.full_path: Newly mapped `_EXE` raw log field with `event.idm.read_only_udm.principal.process.file.full_path` UDM field.<br>- event.idm.read_only_udm.principal.process.file.names: Newly mapped `_COMM` raw log field with `event.idm.read_only_udm.principal.process.file.names` UDM field.<br>- event.idm.read_only_udm.principal.process.command_line: Newly mapped `_CMDLINE` raw log field with `event.idm.read_only_udm.principal.process.command_line` UDM field.<br>- event.idm.read_only_udm.security_result.priority_details: Newly mapped `PRIORITY` raw log field with `event.idm.read_only_udm.security_result.priority_details` UDM field.<br>- event.idm.read_only_udm.security_result.about.resource.attribute.labels: Newly mapped `SYSLOG_FACILITY`, `SYSLOG_IDENTIFIER`, `_SYSTEMD_CGROUP`, `_CAP_EFFECTIVE`, `_TRANSPORT` raw log fields with `event.idm.read_only_udm.security_result.about.resource.attribute.labels` UDM field.<br>- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `_BOOT_ID` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.<br>- event.idm.read_only_udm.additional.fields: Newly mapped `_MACHINE_ID`, `_SYSTEMD_SLICE`, `__CURSOR`, `__MONOTONIC_TIMESTAMP`, `CODE_FUNCTION`, `CODE_LINE`, `RESULT` raw log fields with `event.idm.read_only_udm.additional.fields` UDM field.<br>- event.idm.read_only_udm.src.file.full_path: Newly mapped `CODE_FILE` raw log field with `event.idm.read_only_udm.src.file.full_path` UDM field.<br>- event.idm.read_only_udm.metadata.product_log_id: Newly mapped `MESSAGE_ID` raw log field with `event.idm.read_only_udm.metadata.product_log_id` UDM field.<br>- event.idm.read_only_udm.target.resource.name: Newly mapped `UNIT` raw log field with `event.idm.read_only_udm.target.resource.name` UDM field. |
| 2024-11-27 | Newly created parser. |