File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -32,6 +32,25 @@ removed. It is functionally subsumed by
3232Activity, ` class_uid=4001 ` ) for a broader range of log types. The now-empty
3333` pipelines/community/serializers/ ` umbrella has been removed alongside it.
3434
35+ ### Removed - F-graded ` palo_alto_networks_firewall ` transform
36+
37+ ` pipelines/community/transform_ocsf/palo_alto_networks_firewall/ ` has been
38+ removed. It was graded F (` analyzer_limit ` , 0% required-field coverage), used
39+ a non-standard ` class_uid=99602001 ` (SentinelOne Security Alert Extended) that
40+ diverged from the rest of the PAN-OS cluster (` class_uid=4001 ` Network
41+ Activity), and had no matching upstream parser in ` parsers/community/ ` (its
42+ ` source_name ` lacked the ` -latest ` versioning suffix used by every other
43+ PAN-OS entry). The three remaining PAN-OS transforms (` paloalto_logs/ ` ,
44+ ` paloalto_alternate_logs/ ` , ` paloalto_vpn_logs/ ` ) are unaffected.
45+
46+ ### Documented - PAN-OS transform variant binding
47+
48+ The three remaining PAN-OS OCSF transforms in
49+ ` pipelines/community/transform_ocsf/ ` now declare in their ` metadata.yaml `
50+ ` purpose ` field which upstream parser in ` parsers/community/ ` they bind to
51+ and the field-name convention each expects, so users can choose between them
52+ without reading the Lua. No serializer logic changes.
53+
3554## [ 1.3.0] - 2025-10-28
3655
3756### Added
Load Diff This file was deleted.
Load Diff This file was deleted.
Load Diff This file was deleted.
You can’t perform that action at this time.
0 commit comments