Change log for GCP_MONITORING_ALERTS

Date	Changes
2026-01-29	Enhancement: -'event.idm.read_only_udm.additional.fields': Newly mapped 'incident.state', 'incident.version', 'version' raw log field. -'event.idm.read_only_udm.target.asset.attribute.cloud.project.id': Newly mapped 'incident.scoping_project_id' raw log field. -'event.idm.read_only_udm.target.location.name': Newly mapped 'incident.resource.labels.location' raw log field. -'event.idm.read_only_udm.target.resource.name': Newly mapped 'incident.resource_name' raw log field. -'event.idm.read_only_udm.target.resource.resource_subtype': Newly mapped 'incident.resource_type_display_name' raw log field. -'event.idm.read_only_udm.target.resource.type': Newly mapped 'incident.resource.type' raw log field. -'event.idm.read_only_udm.target.resource.attribute.labels': Newly mapped 'incident.resource.labels.project_id', 'incident.resource.labels.log_type', 'incident.metric.labels.feed_name', 'incident.scoping_project_number' raw log field. -'event.idm.read_only_udm.security_result.description': Newly mapped 'incident.condition.displayName' raw log field. -'event.idm.read_only_udm.security_result.detection_fields': Newly mapped 'incident.condition_name', 'incident.started_at', 'incident.metric.type', 'incident.condition.conditionAbsent.aggregations', ' incident.condition.name', 'incident.metric.displayName', 'incident.condition.conditionAbsent.duration', 'incident.condition.conditionAbsent.filter', 'incident.condition.conditionAbsent.trigger.count', 'incident.documentation.subject' raw log field. -'event.idm.read_only_udm.security_result.rule_name': Newly mapped 'incident.policy_name' raw log field. -'event.idm.read_only_udm.security_result.severity': Newly mapped 'incident.severity' raw log field. -'event.idm.read_only_udm.security_result.severity_details': Newly mapped 'severity' raw log field. -'event.idm.read_only_udm.security_result.summary': Newly mapped 'incident.summary' raw log field. -'event.idm.read_only_udm.security_result.url_back_to_product': Newly mapped 'incident.url' raw log field. -Added a for loop to process fields within 'incident.condition.conditionAbsent.aggregations' and map them to 'event.idm.read_only_udm.security_result.detection_fields'.
2024-07-09	- Newly created parser.

Date

Changes

2026-01-29

Enhancement:
-'event.idm.read_only_udm.additional.fields': Newly mapped 'incident.state', 'incident.version', 'version' raw log field.
-'event.idm.read_only_udm.target.asset.attribute.cloud.project.id': Newly mapped 'incident.scoping_project_id' raw log field.
-'event.idm.read_only_udm.target.location.name': Newly mapped 'incident.resource.labels.location' raw log field.
-'event.idm.read_only_udm.target.resource.name': Newly mapped 'incident.resource_name' raw log field.
-'event.idm.read_only_udm.target.resource.resource_subtype': Newly mapped 'incident.resource_type_display_name' raw log field.
-'event.idm.read_only_udm.target.resource.type': Newly mapped 'incident.resource.type' raw log field.
-'event.idm.read_only_udm.target.resource.attribute.labels': Newly mapped 'incident.resource.labels.project_id', 'incident.resource.labels.log_type', 'incident.metric.labels.feed_name', 'incident.scoping_project_number' raw log field.
-'event.idm.read_only_udm.security_result.description': Newly mapped 'incident.condition.displayName' raw log field.
-'event.idm.read_only_udm.security_result.detection_fields': Newly mapped 'incident.condition_name', 'incident.started_at', 'incident.metric.type', 'incident.condition.conditionAbsent.aggregations', ' incident.condition.name', 'incident.metric.displayName', 'incident.condition.conditionAbsent.duration', 'incident.condition.conditionAbsent.filter', 'incident.condition.conditionAbsent.trigger.count', 'incident.documentation.subject' raw log field.
-'event.idm.read_only_udm.security_result.rule_name': Newly mapped 'incident.policy_name' raw log field.
-'event.idm.read_only_udm.security_result.severity': Newly mapped 'incident.severity' raw log field.
-'event.idm.read_only_udm.security_result.severity_details': Newly mapped 'severity' raw log field.
-'event.idm.read_only_udm.security_result.summary': Newly mapped 'incident.summary' raw log field.
-'event.idm.read_only_udm.security_result.url_back_to_product': Newly mapped 'incident.url' raw log field.
-Added a for loop to process fields within 'incident.condition.conditionAbsent.aggregations' and map them to 'event.idm.read_only_udm.security_result.detection_fields'.

2024-07-09

- Newly created parser.