Change log for WINDOWS_HYPERV
Date | Changes |
---|---|
2025-06-17 | Enhancement:
- event.idm.read_only_udm.additional.fields: Newly mapped `channel` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.principal.hostname: Newly mapped `computer` field with `event.idm.read_only_udm.principal.hostname` and `event.idm.read_only_udm.principal.asset.hostname` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `event_data.data.ioctlCode` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `event_data.data.delta (100 ns)` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `event_data.data.ntStatus` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.principal.user.user_display_name: Newly mapped `event_data.name` field with `event.idm.read_only_udm.principal.user.user_display_name` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `event_id.id` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `event_id.qualifiers` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.target.process.pid: Newly mapped `execution.process_id` field with `event.idm.read_only_udm.target.process.pid` UDM field.
- event.idm.read_only_udm.target.process.product_specific_process_id: Newly mapped `execution.thread_id` field with `event.idm.read_only_udm.target.process.product_specific_process_id` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `keywords` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.security_result.severity: Newly mapped `level` field with `event.idm.read_only_udm.security_result.severity` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `opcode` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.metadata.product_event_type: Newly mapped `provider.event_source` field with `event.idm.read_only_udm.metadata.product_event_type` UDM field.
- event.idm.read_only_udm.target.resource.id: Newly mapped `provider.guid` field with `event.idm.read_only_udm.target.resource.id` UDM field.
- event.idm.read_only_udm.metadata.product_name: Newly mapped `provider.name` field with `event.idm.read_only_udm.metadata.product_name` UDM field.
- event.idm.read_only_udm.metadata.product_log_id: Newly mapped `record_id` field with `event.idm.read_only_udm.metadata.product_log_id` UDM field.
- event.idm.read_only_udm.principal.user.userid: Newly mapped `security.user_id` field with `event.idm.read_only_udm.principal.user.userid` UDM field.
- event.idm.read_only_udm.metadata.collected_timestamp: Newly mapped `system_time` field with `event.idm.read_only_udm.metadata.collected_timestamp` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `task` field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.target.resource.product_object_id: Newly mapped `ioctl_Code` field with `event.idm.read_only_udm.target.resource.product_object_id` UDM field.
- event.idm.read_only_udm.security_result.detection_fields: Newly mapped `nt_status` field with `event.idm.read_only_udm.security_result.detection_fields` UDM field.
- event.idm.read_only_udm.network.session_duration.nanos: Newly mapped `n_delta` field with `event.idm.read_only_udm.network.session_duration.nanos` UDM field.
- event.idm.read_only_udm.security_result.description: Newly mapped `NT` field with `event.idm.read_only_udm.security_result.description` UDM field. |
2023-10-09 | - Newly created parser. |