Package infoblox/nios Release Notes

Package infoblox/nios Release Notes Version 1.2.2
  • Improves the dns.* fields extraction.

  • Bumps the ecs.version to 8.16.0.

  • Enhances the regex to accept hashes in the host.domain field.

Package infoblox/nios Release Notes Version 1.2.1
  • Adds the event.kind field mapped to CPS.

Package infoblox/nios Release Notes Version 1.2.0
  • Deprecation notice:

    • The old parser syslog-utc is deprecated and replaced by the new parser infoblox-nios. In this release, the two parsers are exactly alike except for the name, but all future changes will only go into the new infoblox-nios parser. We recommend switching to the newer parser as soon as possible for the smoothest upgrade. The old syslog-utc parser will be removed at some point in the future. In your data, the field #type contains the name of the parser, so any queries you have that search for this field need to accommodate this change.

  • Extends support for the syslog format.

  • Adds the following fields mapped to CPS: dns.question.name, dns.question.class, client.domain, client.ip and server.ip.

Package infoblox/nios Release Notes Version 1.1.1
  • Improves event categorization and outcomes via the event.category[] and event.type[] arrays and the event.outcome field.

Package infoblox/nios Release Notes Version 1.1.0
  • Simplifies parser logic by removing unnecessary rename operations.

  • Bumps the minimum LogScale version to 1.142 to support assertions in yaml files.

  • Extracts the dns.answer.* and dns.resolved_ip fields.

  • Removes the repeat.message field.

Package infoblox/nios Release Notes Version 1.0.0
  • Adds the new event.module, event.dataset and Cps.version fields.

  • Removes the Product, related.host and related.ip fields.

  • Sets the following tags: Cps.version, Vendor, ecs.version, event.dataset, event.kind, event.module, event.outcome, observer.type.