<html lang="en">
<body>

 <p> 
    <b>[OOTB] Linux audit and iptables syslog. Version 4</b><br>
	Change list:
	<ul>
		<li>Parameter "Keep extra fields" was turned on in the extra normalizer "Audit message KV normalization".</li>
		<li>New mapping was added in the extra normalizer "Audit message KV normalization". Event field "SUID" was mapped to the KUMA field "FlexString2", event field "spid" was mapped to the KUMA field "SourceProcessID".</li>
	</ul>
  </p> 


  <p> 
    <b>[OOTB] Linux audit and iptables syslog. Version 3</b><br>
	Change list:
	<ul>
	<li>Parsing of new event type have been added (dbus-daemon).</li>
	<li>Condition of the "Audit message KV normalization" extra normalizer have been fixed.</li>
	<li>DeviceProduct KUMA field value has been added - "Linux".</li>
	<li>DeviceVendor KUMA field value has been changed from "Unix" to "Linux".</li>
	</ul>
  </p> 
    
  <p>
    <b>[OOTB] Linux audit and iptables syslog. Version 2</b><br>
   	Change list:
	<ul>
	<li>Parsing of new event types have been added.</li>
	<li>Mapping of the message field have been removed in the main normalizer.</li>
	<li>Event enrichment (lower case) have been added to *Process Name KUMA field.</li>
	<li>Event enrichment (lower case) have been added to *UserName KUMA field.</li>
	<li>Additional minor improvements.</li>
	</ul>
  </p>

  <p>
	<b>[OOTB] Linux audit and iptables syslog. Version 1</b><br>
	This is the first version of the package.
  </p>

</body>
</html>
