From b4f1c74c0db93364d50e27d867d6cde359145da1 Mon Sep 17 00:00:00 2001
From: v-sabiraj
Date: Thu, 31 Aug 2023 12:19:33 +0530
Subject: [PATCH] Update JuniperSRX.txt

---
 Solutions/Juniper SRX/Parsers/JuniperSRX.txt | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/Solutions/Juniper SRX/Parsers/JuniperSRX.txt b/Solutions/Juniper SRX/Parsers/JuniperSRX.txt
index 4d5448aeb20..00511e63997 100644
--- a/Solutions/Juniper SRX/Parsers/JuniperSRX.txt
+++ b/Solutions/Juniper SRX/Parsers/JuniperSRX.txt
@@ -100,10 +100,12 @@ let FlowNotDenyEvents = FlowEvents
 Substring = tostring(Parser[12])
 | extend Parser2 = extract_all(@"(0x0/s)?([\S]+)\s([\S]+)\s([\S]+)\s([\S]+)\s(\d+)\s([\S]+)\s([\S]+)\s([\S]+)\s(\d+)",dynamic([1,2,3,4,5,6,7,8,9,10]), Substring)
 | mvexpand Parser2
-| extend ProtocolId = toint(Parser2[5]),
+| extend SrcNatRuleName = tostring(Parser2[2]),
+ DstNatRuleName = tostring(Parser2[4]),
+ ProtocolId = toint(Parser2[5]),
 PolicyName = tostring(Parser2[6]),
- SrcNatRuleName = tostring(Parser2[7]),
- DstNatRuleName = tostring(Parser2[8]),
+ SourceZoneName = tostring(Parser2[7]),
+ DestinationZoneName = tostring(Parser2[8]),
 SessionId = toint(Parser2[9])
 | project-away Parser, Parser2, Substring;
 let AllOtherEvents = LogHeader
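Review bot: The `extend` after `| mvexpand Parser2` maps columns purely by position (`Parser2[2]`, `[4]`, `[7]`, `[8]`) with no comment tying each index to a capture group of the `extract_all` pattern, which makes an off-by-position mapping like the one corrected here easy to reintroduce. I would add a comment above it such as `// Parser2 idx: 2=src NAT rule, 4=dst NAT rule, 5=protocol id, 6=policy, 7=src zone, 8=dst zone, 9=session id` and confirm the layout against a sample session log that has NAT rules applied, since every field is assumed to be a single whitespace-free token. Because `SrcNatRuleName` and `DstNatRuleName` keep their names but now carry different values, any saved analytics rule, hunting query or workbook that filtered on them using the values they held before will silently stop matching and should be reviewed against `SourceZoneName`/`DestinationZoneName`. The `FlowNotDenyEvents` statement begins above this hunk, so whether the other branches of the parser emit the same zone column names cannot be checked from here.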