Abnormal Security: New CCF Push Connector Adds Multi-Table Email Security Event Routing
Added CCF Push connector with OAuth 2.0 authentication and dedicated tables for 9 event types — modern replacement for Azure Functions ingestion.
Moves critical IP filtering variables inside parser function to prevent incorrect filtering and potential data loss.
New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments.
Added South Africa (za) regional API endpoint support, expanding global deployment coverage for Trend Micro Vision One data ingestion.
Updated Island connector titles and descriptions to reduce confusion between legacy V1 and current V2 connectors.
Template validation failure fixed through package regeneration for Visa Threat Intelligence solution v3.0.2.
Microsoft Sentinel now documents a critical platform limitation where individual fields exceeding 64 KB are silently truncated during ingestion, creating blind spots in large payload analysis.
Four ASIM schemas missing from KQL validation pipeline now included, preventing unvalidated parser deployments.
CCF connector repair resolves stream naming mismatch that prevented audit data ingestion in affected deployments.
SOC Prime solution adds Analytic Rules detecting platform administration events including tenant deletion and successful logins from malicious IPs.
New Citrix Analytics CCF solution provides push-based ingestion for SPA and CVAD security events via Azure Monitor Logs Ingestion API.
SAP Reader role permissions significantly reduced for agentless connector, implementing least-privilege access while maintaining monitoring capabilities.
Removed redundant configuration field from TheHive CCF connector to resolve ARM-TTK validation warnings and ensure clean deployment.
Azure Resource Graph connector updated table labels to align with Table Management naming conventions, ensuring consistent query references.
Two SAP solutions transitioned from preview to production-ready status, unlocking stable SAP audit and infrastructure log ingestion.
New ASIM parser normalizes VMware vCenter authentication events from syslog streams to enable detection coverage across vSphere environments.
Critical deployment fix for Cyren-SentinelOne connector that was failing ARM template validation in Content Hub, preventing threat intelligence data ingestion.
D3 Security migrates from Managed Application to Solution Template plan type, requiring new offer ID and deployment procedures.
ASimTester validation schema adds Snowflake, Databricks, and Salesforce to AssetEntity EntitySource enumeration for broader data platform asset tracking.
ASIM authentication parser for Cisco IOS enables normalized monitoring of login, logout, and failed authentication events from network infrastructure devices.