Change log for NIX_SYSTEM
| Date | Changes |
|---|---|
| 2025-11-17 | - Enhanced grok pattern to map the NetworkManager, CROND, and vsftpd processes to `metadata.product_event_type` UDM field. |
| 2025-11-14 | Added grok pattern to support new structure of logs from the `syslog` source path. |
| 2025-11-06 | Added GROK pattern to support new structure of logs. |
| 2025-10-31 | Updated grok pattern to support new structure of logs in the legacy backward compatibility code. |
| 2025-10-30 | Enhanced GROK pattern to support new pattern of logs. |
| 2025-10-13 | Added grok pattern to map the following fields in the legacy backward compatibility code. - target.ip: Newly mapped `DstIP` raw log field with `target.ip` UDM field. - target.port: Newly mapped `DstPort` raw log field with `target.port` UDM field. - principal.ip: Newly mapped `SrcIP` raw log field with `principal.ip` UDM field. - principal.port: Newly mapped `SrcIP` raw log field with `principal.port` UDM field. |
| 2025-10-10 | - Added a grok pattern to parse logs from the `syslog` source path in JSON format.
|
| 2025-09-09 | - target.user.userid: Added grok pattern to remove mapping of the partial value of `username` from the `target.user.userid` UDM field and mapped the complete value of `username` instead.
|
| 2025-09-08 | Added a grok pattern to support new structure of logs. - metadata.product_event_type: Newly mapped `process` raw log field with `metadata.product_event_type` UDM field. - principal.process.pid: Newly mapped `process_id` raw log field with `principal.process.pid` UDM field. |
| 2025-08-26 | - Added a grok pattern to parse logs from the `syslog` source path in JSON format.
|
| 2025-06-30 | Updated grok pattern to support new structure of "syslog" logs. |
| 2025-04-28 | intermediary.hostname |
| 2025-03-11 | Added grok pattern to support new schema structure of "kernel" logs. |
| 2025-02-11 | Updated grok pattern to support new structure of "syslog" logs. |
| 2025-01-22 | Added grok pattern to support new structure of "kernel" log. |
| 2025-01-17 | Added support for dropped logs of the "Could not load host key" and "Set" actions logs in sshd. |
| 2024-12-26 | Updated grok pattern to support new structure of "mail" log. |
| 2024-12-26 | Updated grok pattern to support new structure of "mail" log. |
| 2024-11-26 | Added support for dropped logs of the "reprocess" action logs in sshd. |
| 2024-10-25 | Promoted the parser to default. |