v-muuppugund
commented
8 months ago Hi @NickNicolaou2129 , Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 28Feb2024. Thanks!
Closed NickNicolaou2129 closed 7 months ago
v-muuppugund
commented
8 months ago Hi @NickNicolaou2129 , Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 28Feb2024. Thanks!
v-sudkharat
commented
8 months ago Hi @NickNicolaou2129, We are still checking on this issue, once it gets done will update you. Thanks!
v-muuppugund
commented
8 months ago Hi @NickNicolaou2129 , The following is the status
v-muuppugund
commented
7 months ago Hi @NickNicolaou2129 ,Still need some more time for testing the parser with initial data
NickNicolaou2129
commented
7 months ago Hi @v-muuppugund , any news?
v-muuppugund
commented
7 months ago Hi @v-muuppugund , any news?
Hi @NickNicolaou2129 ,Working on testing,Will update you
v-muuppugund
commented
7 months ago Hi @v-muuppugund , any news?
Hi @NickNicolaou2129 ,Working on testing,Will update you
Hi @NickNicolaou2129 ,will share the parser in a day or 2 days
v-muuppugund
commented
7 months ago Hi @NickNicolaou2129 ,As disucssed yesterday, tested the parser and changes,working on PR,will update you
v-muuppugund
commented
7 months ago Hi @NickNicolaou2129, we have raised the PR with the enhancements. The changes will be reflected once the PR is merged. PR link - #10020
Thank you for your cooperation.
v-muuppugund
commented
7 months ago Hi @NickNicolaou2129, we have raised the PR with the enhancements. The changes will be reflected once the PR is merged. PR link - #10020
Thank you for your cooperation.
Describe the bug Hi, the parse for the Exchange Security Insights Online connector misses out valuable fields
To Reproduce Steps to reproduce the behavior:
Go to LAW and open Logs Search the table ESIExchangeConfig_CL View the logs in RawData column, we see that the logs within here are not parsed: ESIExchangeConfig_CL
Example: {"Parentgroup":"Exchange Windows Permissions","Level":1,"ObjectClass":"group","MemberPath":"Exchange Windows Permissions\Exchange Trusted Subsystem","ObjectGuid":"XXXX","Members":[{"SamAccountName":"REDACTED$","SID":"S-1-5-21-1310785037-698004181-1737509496-82221","DistinguishedName":"CN=REDACTED,OU=Member,OU=Server,OU=Company,DC=sys,DC=net","Name":"REDACTED","ObjectClass":"computer","ObjectGuid":"REDACTED","PropertyNames":"distinguishedName name objectClass objectGUID SamAccountName SID","AddedProperties":"","RemovedProperties":"","ModifiedProperties":"","PropertyCount":6,"distinguishedName":"CN=REDACTED,OU=Member,OU=Server,OU=Company,DC=sys,DC=net","name":"WEXCHG005760","objectClass":"computer","objectGUID":"55a37265-06cb-4082-b4ab-cab00f32e568"},{"SamAccountName":"REDACTED$","SID":"S-1-5-21-1310785037-698004181-1737509496-83666","DistinguishedName":"CN=WEXCHG005759,OU=Member,OU=Server,OU=Company,DC=sys,DC=net","Name":"REDACTED","ObjectClass":"computer","ObjectGuid":"cfb3b172-0d60-4879-b655-0658490a694f","PropertyNames":"distinguishedName name objectClass objectGUID SamAccountName SID","AddedProperties":"","RemovedProperties":"","ModifiedProperties":"","PropertyCount":6,"distinguishedName":"CN=REDACTED,OU=Member,OU=Server,OU=Company,DC=sys,DC=net","name":"WEXCHG005759","objectClass":"computer","objectGUID":"cfb3b172-0d60-4879-b655-0658490a694f"}],"LastLogon":null,"LastPwdSet":null,"Enabled":null,"HasMbx":null,"SamAccountName":null,"CanonicalName":null,"UserPrincipalName":null,"DN":"CN=Exchange Trusted Subsystem,OU=Microsoft Exchange Security Groups,DC=sys,DC=net","LastLogonString":null,"LastPwdSetString":null}
I have already sent an export that you can analyse the raw data from to parse what is not already parsed.
Expected behavior All data in the RAW data column should be correctly parsed and presented as a column in the log results.