SecurityBridge App Schema Update: New SecurityBridge_CL Table Enables Native SAP Log Ingestion

What Changed

Added new SecurityBridge_CL custom table definition with comprehensive schema for native SAP audit log ingestion, replacing legacy CEF-based parser approach with structured DCR ingestion.

Security Impact (Visibility & Fidelity)

Native SAP Log Structure: New SecurityBridge_CL table provides native SAP audit log fields (BusinessEvent, client, User, UserGroup, triggeringTA, etc.) enabling more precise SAP security analytics without CEF parsing overhead.

Enhanced Data Fidelity: Direct field mapping eliminates data loss from CEF conversion process — SAP-specific attributes like StagingLevel, PGUID, and contact information are now preserved natively for compliance reporting.

Improved Query Performance: Structured table schema replaces complex CEF parsing logic in SecurityBridgeLogs parser, significantly improving query performance for SAP security investigations.

Dual Stream Support: Solution now supports both SAP_ABAPAUDITLOG (ASIM-compatible) and Custom-SecurityBridge_CL streams for flexible deployment architectures.

Affected Files

Solutions/SecurityBridge App/Data Connectors/SecurityBridge_PUSH_CCP/SecurityBridge_CL.json Solutions/SecurityBridge App/Data Connectors/SecurityBridge_PUSH_CCP/SecurityBridge_DCR.json Solutions/SecurityBridge App/Data Connectors/SecurityBridge_PUSH_CCP/SecurityBridge_connectorDefinition.json Solutions/SecurityBridge App/Parsers/SecurityBridgeLogs.yaml (removed) (packaging artefacts: mainTemplate.json, createUiDefinition.json, etc.)