TacitRed-SentinelOne v3.0.2: Critical Fix for Broken SentinelOne Connection
Fixes a critical deployment bug present since v1.0.0 where a hardcoded placeholder URL caused complete playbook failure for all Content Hub installations.
Gigamon connector migrated from deprecated Log Analytics method to CCF push architecture, preventing complete loss of network traffic and threat visibility.
Fixes timeout-induced ingestion failures in offline enrollment log processing and updates duo-client library for security maintenance.
Google Kubernetes Engine connector documentation updated to reference official Microsoft Learn guides instead of personal repositories.
Updated ASIM Registry Event parser for Microsoft 365 Defender to include mandatory EventSchema and EventResult fields per schema compliance requirements.
Compliance update removes credential scanner violations from securestring parameters and aligns all content versions to 3.0.3.
Major migration from HTTP Data Collector API to CCF RestApiPoller enabling automatic polling with query-time deduplication for IONIX attack surface management data.
Documentation update adds support for Logstash versions 8.19.2, 9.0.8, 9.1.10, and 9.2.4-9.2.5.
Critical fix aligns queryPeriod with 5-day learning window, restoring proper baseline computation for abnormal deny rate detection.
Comprehensive update to 17 IPinfo connectors enhancing deployment reliability with runtime pinning, dependency fixes, and multi-workspace DCR support.
Critical fix resolves undefined symbol error that prevented Lookout connector creation, restoring mobile threat detection capability.
Critical security hardening update enforces minimum TLS 1.2 for Azure storage accounts in Function App deployment template.
New CCF push connector enables direct ingestion of DataBahn audit logs, alerts, and device inventory into Microsoft Sentinel.
Minor documentation improvement clarifying protected settings visibility in Custom Script Extension hunting query.
Major tooling update adds Kusto integration, improves CCF connector classification, and fixes ASIM parser documentation generation.
New FileEvent parser enables normalized S3 object activity monitoring from AWS CloudTrail logs across bucket operations and object lifecycle events.
New Codeless Connector Framework template enables ingestion from Azure Storage blob containers via event-driven data flows.
Updated savedSearches API version from 2022-10-01 to 2025-07-01 in solution metadata generation tool.
Configuration updates eliminate massive duplicate indicator ingestion caused by small page sizes and frequent polling intervals.
New Analytic Rule enables detection of malicious URLs from threat feeds in web traffic, closing coverage gap for URL-based indicators.