Updated Sample data file

v-sudkharat · v-sudkharat · commit 0234a7541d25 · 2025-06-26T17:10:01.000+05:30
diff --git a/Parsers/ASimWebSession/Parsers/ASimWebSessionzScalerZIA.yaml b/Parsers/ASimWebSession/Parsers/ASimWebSessionzScalerZIA.yaml
@@ -1,7 +1,7 @@
 Parser:
   Title: Web Session ASIM parser for Zscaler ZIA
   Version: '0.4.1'
-  LastUpdated: May 30, 2025
+  LastUpdated: May 31, 2025
 Product:
   Name: Zscaler ZIA
 Normalization:
diff --git a/Parsers/ASimWebSession/Parsers/vimWebSessionzScalerZIA.yaml b/Parsers/ASimWebSession/Parsers/vimWebSessionzScalerZIA.yaml
@@ -1,7 +1,7 @@
 Parser:
   Title: Web Session ASIM filtering parser for Zscaler ZIA
   Version: '0.6.1'
-  LastUpdated: May 30, 2025
+  LastUpdated: May 31, 2025
 Product:
   Name: Zscaler ZIA Proxy
 Normalization:
diff --git a/Sample Data/ASIM/Zscaler_ZIA Proxy_WebSession_IngestedLogs.csv b/Sample Data/ASIM/Zscaler_ZIA Proxy_WebSession_IngestedLogs.csv
@@ -10,4 +10,4 @@ TimeGenerated,DeviceVendor,DeviceProduct,DeviceVersion,DeviceAction,ApplicationP
 2024-01-15T10:31:20.456Z,Zscaler,NSSWeblog,5.2.26.18,Blocked,HTTPS,185.199.108.153,github.com,GitHub,application/json,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,POST,192.168.1.101,jane.smith@company.com,203.0.113.11,Marketing,Technology/Developer Tools,Malware,Trojan.Generic,trojan.exe,abc123def456,3,Web transaction blocked,github.com/api/user/repos,0,234,https://github.com/dashboard,zscaler-proxy,rulelabel=Block_Malware;ruletype=SecurityRule;urlclass=Technology;devicemodel=;,403,Malware detected,5.2.26.18,3,HTTPS,1,GitHub,github.com,203.0.113.11,MD5,abc123def456,github.com,185.199.108.153,application/json,Web transaction blocked,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,POST,203.0.113.11,Marketing,192.168.1.101,jane.smith@company.com,HTTPsession,Technology/Technology/Developer Tools,Trojan.Generic,zscaler-proxy,CommonSecurityLog,/subscriptions/test/resourceGroups/test/providers/Microsoft.OperationalInsights/workspaces/test,2024-01-15T10:31:20.456Z,Zscaler,ZIA Proxy,WebSession,0.2.3,2024-01-15T10:31:20.456Z,SecurityRule/Block_Malware,,Deny,Malware detected,403,95,zscaler-proxy,234,0,https://github.com/api/user/repos,Malware/Trojan.Generic,https://github.com/dashboard,github,,Failure,High,SaaS application,FQDN,UPN,zscaler-proxy,github,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,jane.smith@company.com,403,203.0.113.11
 2024-01-15T10:36:45.901Z,Zscaler,NSSWeblog,5.2.26.18,Blocked,HTTPS,203.0.113.100,suspicious-domain.com,Unknown,application/octet-stream,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,192.168.1.106,risky.user@company.com,203.0.113.16,Finance,Uncategorized/Unknown,Spyware,Data Exfiltration,spyware.dll,ghi456jkl789,1,Web transaction blocked,suspicious-domain.com/download/malware.exe,0,89,None,zscaler-proxy,rulelabel=Block_Spyware;ruletype=SecurityRule;urlclass=Uncategorized;devicemodel=;,403,Spyware detected,5.2.26.18,1,HTTPS,1,,suspicious-domain.com,203.0.113.16,MD5,ghi456jkl789,suspicious-domain.com,203.0.113.100,application/octet-stream,Web transaction blocked,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,203.0.113.16,Finance,192.168.1.106,risky.user@company.com,HTTPsession,Uncategorized/Uncategorized/Unknown,Data Exfiltration,zscaler-proxy,CommonSecurityLog,/subscriptions/test/resourceGroups/test/providers/Microsoft.OperationalInsights/workspaces/test,2024-01-15T10:36:45.901Z,Zscaler,ZIA Proxy,WebSession,0.2.3,2024-01-15T10:36:45.901Z,SecurityRule/Block_Spyware,,Deny,Spyware detected,403,95,zscaler-proxy,89,0,https://suspicious-domain.com/download/malware.exe,Spyware/Data Exfiltration,,suspicious-domain,com,Failure,High,SaaS application,FQDN,UPN,zscaler-proxy,suspicious-domain,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,risky.user@company.com,403,203.0.113.16
 2024-01-15T10:31:20.456Z,Zscaler,NSSWeblog,5.2.26.18,Blocked,HTTPS,185.199.108.153,github.com,GitHub,application/json,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,POST,192.168.1.101,jane.smith@company.com,203.0.113.11,Marketing,Technology/Developer Tools,Malware,Trojan.Generic,trojan.exe,abc123def456,3,Web transaction blocked,github.com/api/user/repos,0,234,https://github.com/dashboard,zscaler-proxy,rulelabel=Block_Malware;ruletype=SecurityRule;urlclass=Technology;devicemodel=;,403,Malware detected,5.2.26.18,3,HTTPS,1,GitHub,github.com,203.0.113.11,MD5,abc123def456,github.com,185.199.108.153,application/json,Web transaction blocked,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,POST,203.0.113.11,Marketing,192.168.1.101,jane.smith@company.com,HTTPsession,Technology/Technology/Developer Tools,Trojan.Generic,zscaler-proxy,CommonSecurityLog,/subscriptions/test/resourceGroups/test/providers/Microsoft.OperationalInsights/workspaces/test,2024-01-15T10:31:20.456Z,Zscaler,ZIA Proxy,WebSession,0.2.3,2024-01-15T10:31:20.456Z,SecurityRule/Block_Malware,,Deny,Malware detected,403,95,zscaler-proxy,234,0,https://github.com/api/user/repos,Malware/Trojan.Generic,https://github.com/dashboard,github,,Failure,High,SaaS application,FQDN,UPN,zscaler-proxy,github,Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15,jane.smith@company.com,403,203.0.113.11
-2024-01-15T10:36:45.901Z,Zscaler,NSSWeblog,5.2.26.18,Blocked,HTTPS,203.0.113.100,suspicious-domain.com,Unknown,application/octet-stream,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,192.168.1.106,risky.user@company.com,203.0.113.16,Finance,Uncategorized/Unknown,Spyware,Data Exfiltration,spyware.dll,ghi456jkl789,1,Web transaction blocked,suspicious-domain.com/download/malware.exe,0,89,None,zscaler-proxy,rulelabel=Block_Spyware;ruletype=SecurityRule;urlclass=Uncategorized;devicemodel=;,403,Spyware detected,5.2.26.18,1,HTTPS,1,,suspicious-domain.com,203.0.113.16,MD5,ghi456jkl789,suspicious-domain.com,203.0.113.100,application/octet-stream,Web transaction blocked,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,203.0.113.16,Finance,192.168.1.106,risky.user@company.com,HTTPsession,Uncategorized/Uncategorized/Unknown,Data Exfiltration,zscaler-proxy,CommonSecurityLog,/subscriptions/test/resourceGroups/test/providers/Microsoft.OperationalInsights/workspaces/test,2024-01-15T10:36:45.901Z,Zscaler,ZIA Proxy,WebSession,0.2.3,2024-01-15T10:36:45.901Z,SecurityRule/Block_Spyware,,Deny,Spyware detected,403,95,zscaler-proxy,89,0,https://suspicious-domain.com/download/malware.exe,Spyware/Data Exfiltration,,suspicious-domain,com,Failure,High,SaaS application,FQDN,UPN,zscaler-proxy,suspicious-domain,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,risky.user@company.com,403,203.0.113.16
+2024-02-15T10:36:45.901Z,Zscaler,NSSWeblog,5.2.26.18,Blocked,HTTPS,203.0.113.100,suspicious-domain.com,Unknown,application/octet-stream,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,192.168.1.106,risky.user@company.com,203.0.113.16,Finance,Uncategorized/Unknown,Spyware,Data Exfiltration,spyware.dll,ghi456jkl789,1,Web transaction blocked,suspicious-domain.com/download/malware.exe,0,89,None,zscaler-proxy,rulelabel=Block_Spyware;ruletype=SecurityRule;urlclass=Uncategorized;devicemodel=;,403,Spyware detected,5.2.26.18,1,HTTPS,1,,suspicious-domain.com,203.0.113.16,MD5,ghi456jkl789,suspicious-domain.com,203.0.113.100,application/octet-stream,Web transaction blocked,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,GET,203.0.113.16,Finance,192.168.1.106,risky.user@company.com,HTTPsession,Uncategorized/Uncategorized/Unknown,Data Exfiltration,zscaler-proxy,CommonSecurityLog,/subscriptions/test/resourceGroups/test/providers/Microsoft.OperationalInsights/workspaces/test,2024-01-15T10:36:45.901Z,Zscaler,ZIA Proxy,WebSession,0.2.3,2024-01-15T10:36:45.901Z,SecurityRule/Block_Spyware,,Deny,Spyware detected,403,95,zscaler-proxy,89,0,https://suspicious-domain.com/download/malware.exe,Spyware/Data Exfiltration,,suspicious-domain,com,Failure,High,SaaS application,FQDN,UPN,zscaler-proxy,suspicious-domain,Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36,risky.user@company.com,403,203.0.113.16
