What Changed
Fixed parameter name inconsistency in the Azure DevOps Audit Logs CCF connector configuration that was preventing the connector from functioning. The queryParameters keys were changed from “from”/“to” to “startTime”/“endTime” to match the corresponding StartTimeAttributeName/EndTimeAttributeName values.
Security Impact (Visibility & Fidelity)
This was a complete connector failure. Deployments running the previous version experienced zero audit log ingestion from Azure DevOps due to the parameter mismatch. The CCF framework could not reconcile the time-window parameters, causing the connector to fail during configuration.
Per PR discussion: deployments now show “Connected” status after applying this fix, confirming that the connector was previously non-functional and audit visibility has been restored.
Data Source
Azure DevOps audit logs provide visibility into:
- Project and organization-level configuration changes
- User access and permission modifications
- Pipeline and repository security events
- Administrative actions across Azure DevOps services
This connector failure represented a complete blind spot for Azure DevOps security monitoring in affected deployments.
Affected Files
Solutions/AzureDevOpsAuditing/Data Connectors/AzureDevOpsAuditLogs_CCP/AzureDevOpsAuditLogs_PollingConfig.json
(packaging artefacts: 3.0.9.zip, ReleaseNotes.md, Solution_AzureDevOpsAuditing.json, mainTemplate.json)