Package zscaler/internet-access Release Notes
Package zscaler/internet-access Release Notes Version 1.2.0
Implements base64 decoding for the Vendor.url and url.path fields.
Corrects event categorization for event.category, which was incorrectly assigned as "admin" instead of "configuration" for zia.admin events.
Renames the dns.answers.name field to dns.answers[0].name to comply with CPS standard.
Package zscaler/internet-access Release Notes Version 1.1.0
Consolidates dedicated parsers for ZIA feeds into one parser. *This is a breaking change as it forced to rename source fields*. When you install the latest version your search queries which rely on the Vendor specific fields might stop working.
Bumps the minimum LogScale version to 1.142 to support assertions in yaml files.
Improves the field extraction and performance.
Extends parser to normalize Audit, Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP) events.
Adds new fields: event.id, source.geo.name.
Package zscaler/internet-access Release Notes Version 1.0.1
Updates dashboards and saved queries to use event.dataset and event.action instead of type and Vendor.action fields respectively.
Package zscaler/internet-access Release Notes Version 1.0.0
Adds new event.module, event.dataset and Cps.version fields
Removes the Product, related.ip, related.user and related.host fields
Sets following tags: Cps.version, Vendor, ecs.version, event.dataset, event.kind, event.module, event.outcome, observer.type
Bumps parser version to 1.0.0
Bumps ecs.version to 8.11.0
Package zscaler/internet-access Release Notes Version 0.2.0
Changes the firewall, dns, tunnel, and web parsers to normalise event data to common schema.
Adds new dashboards and queries for working with web-logs.
Removes CASB parser, and old queries and dashboards from the package. To keep those, stay on the old version of the package.
Bumps minimum supported version of LogScale for the package to 1.102.