Change log for MARIA_DB

| Date | Changes |
|---|---|
| 2026-02-18 | Enhancement:<br>- `event.idm.read_only_udm.additional.fields`: Newly mapped the `type_val`, `name_val`, `command_val`, `database`, and `connection_id` raw log fields to the `event.idm.read_only_udm.additional.fields` UDM field.<br>- `event.idm.read_only_udm.metadata.description`: Newly mapped the `status_message` raw log field to the `event.idm.read_only_udm.metadata.description` UDM field.<br>- `event.idm.read_only_udm.metadata.event_timestamp`: Newly mapped the `time_year` and `time_val` raw log fields to the `event.idm.read_only_udm.metadata.event_timestamp` UDM field.<br>- `event.idm.read_only_udm.principal.process.file.full_path`: Newly mapped the `program` raw log field to the `event.idm.read_only_udm.principal.process.file.full_path` UDM field.<br>- `event.idm.read_only_udm.principal.process.pid`: Newly mapped the `process_id` raw log field to the `event.idm.read_only_udm.principal.process.pid` UDM field.<br>- `event.idm.read_only_udm.target.resource.product_object_id`: Newly mapped the `server_uid` raw log field to the `event.idm.read_only_udm.target.resource.product_object_id` UDM field.<br>- `event.idm.read_only_udm.security_result.detection_fields`: Newly mapped the `user_auth_status` raw log field to the `event.idm.read_only_udm.security_result.detection_fields` UDM field.<br>- `event.idm.read_only_udm.security_result.rule_id`: Newly mapped the `rule_id` raw log field to the `event.idm.read_only_udm.security_result.rule_id` UDM field.<br>- `event.idm.read_only_udm.security_result.action_details`: Newly mapped the `action` raw log field to the `event.idm.read_only_udm.security_result.action_details` UDM field.<br>- `event.idm.read_only_udm.target.file.full_path`: Newly mapped the `file_path` raw log field to the `event.idm.read_only_udm.target.file.full_path` UDM field.<br>- `event.idm.read_only_udm.target.port`: Newly mapped the `db_port` raw log field to the `event.idm.read_only_udm.target.port` UDM field.<br>- `event.idm.read_only_udm.target.resource.attribute.labels`: Newly mapped the `db_version` raw log field to the `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.<br>- `event.idm.read_only_udm.target.resource.name`: Newly mapped the `resource_name` raw log field to the `event.idm.read_only_udm.target.resource.name` UDM field.<br>- `event.idm.read_only_udm.target.url`: Newly mapped the `managed_by` raw log field to the `event.idm.read_only_udm.target.url` UDM field.<br>- `event.idm.read_only_udm.security_result.severity`: Set the `event.idm.read_only_udm.security_result.severity` UDM field to `MEDIUM` when `log_level` is "warning" and to `INFORMATIONAL` when `log_level` is "note".<br>- `event.idm.read_only_udm.security_result.severity_details`: Newly mapped the `log_level` raw log field to the `event.idm.read_only_udm.security_result.severity_details` UDM field.<br>- Added support for new date formats for the `event.idm.read_only_udm.metadata.event_timestamp` UDM field.<br>- Added grok patterns so that inappropriate values are no longer mapped to the `event.idm.read_only_udm.metadata.product_event_type`, `event.idm.read_only_udm.principal.hostname`, `event.idm.read_only_udm.principal.asset.hostname`, `event.idm.read_only_udm.principal.user.userid` and `event.idm.read_only_udm.metadata.event_timestamp.nanos` UDM fields. This also allows the `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip` UDM fields to be mapped correctly. |
| 2024-12-03 | - Added "gsub" to remove special characters from the CSV format logs. |
| 2024-11-08 | - Added support for the CSV format logs. |
| 2024-07-07 | - Newly created parser. |