Package infoblox/nios Release Notes

Improves event categorization.
Adds support for additional audit events
Enhances DNS field extraction
The old parser syslog-utc is now officially removed from the Infoblox Nios package

Deprecation notice:
- The old parser syslog-utc is deprecated, and replaced by the new parser infoblox-nios . In this release, the two parsers are exactly alike, except for the name, but all future changes will only go into the new infoblox-nios parser. We recommend switching to the newer parser as soon as possible, to make for the smoothest upgrade. The old syslog-utc parser will be removed at some point in the future. In your data, the field #type contains the name of the parser, so any queries you may have that searches for this field need to accomodate this change.
It extends the support of syslog format.
Adds following fields mapped to CPS: dns.question.name , dns.question.class , client.domain , client.ip amd server.ip .

Improves event categorization and outcomes via the event.category[] and event.type[] arrays and the event.outcome field.

Simplifies parser logic by removing unnecessary rename operations.
Bumps the minimum LogScale version to 1.142 to support assertions in yaml files.
Extracts the dns.answer.* and dns.resolved_ip fields.
Removes the repeat.message field.

Adds new event.module , event.dataset and Cps.version fields
Removes the Product , related.host and related.ip fields
Sets following tags: Cps.version , Vendor , ecs.version , event.dataset , event.kind , event.module , event.outcome , observer.type