Describe the bug
The parser does not work correctly with data coming AMA connector.

To Reproduce
Execute the parser against Syslog data collected with AMA.

Expected behavior
Parse the data

Additional context
Basically, we installed Custom logs via AMA data connector on a “default configured” Squid proxy, using AMA version 1.33.1.0, and we planned to use the “Web Session Essentials Workbook”.
Data filled in the right table with no issue (Squidproxy_CL) but the workbook did not get any data (and we configured the logic apps, same issue).
Troubleshooting the issue, we went through _Asim_WebSession(), then _Im_WebSessionBuiltIn(), then _Im_WebSession_SquidProxyV06, we found a few errors in the last one.
On line 32, it’s expecting a computer field which does not exist in the table:
Dvc = Computer
On line 88, it’s projecting away a few field that don’t exist in the table;:
| project-away AccessRawLog, RawData, *_s, MG, ManagementGroupName, SourceSystem, TenantId, DstIpAddrIsHost
For testing purpose, we added the following transformation rule in the DCR :
source | extend Computer="FakeComputerName", MG="MG", ManagementGroupName="ManagementGroupName", SourceSystem="SourceSystem"
We then saw data in the workbook 😊