Changelog

August 29, 2025

Microsoft Entra ID Conditional Access Rules: Incident Configuration Fix Resolves Rule Creation Failures

Microsoft Entra ID Conditional Access detection rules updated to fix lookbackDuration format preventing rule deployment in Microsoft Sentinel workspaces. Read More →

August 28, 2025

Threat Intelligence Detection: Alert Description Field Mapping Fix Restores Dynamic Content

Threat Intelligence DomainEntity_imWebSession rule updated to fix alert description field mapping, replacing non-existent Type field with ThreatType for proper alert context. Read More →

August 28, 2025

Zscaler Private Access Parser: Enhanced Field Coverage Improves Network Session Visibility

ZPAEvent parser updated to version 1.0.3 with additional fields for SessionID, IPProtocol, and ClientCountryCode, improving zero-trust network monitoring capabilities. Read More →

August 28, 2025

GitHub Webhook Connector: Deprecated Status Removed, Restored to Active Support

GitHub webhook connector restored from deprecated status, indicating renewed support for GitHub security event ingestion via webhooks. Read More →

August 28, 2025

Cisco Umbrella Elastic Premium Connector: Data Consistency Fix Aligns with Standard Connector

Cisco Umbrella elastic premium connector updated to match standard connector data types and table structures for consistent log processing and queries. Read More →

August 28, 2025

ProofPoint TAP Connector: Critical API Parameter Update Restores Complete Data Ingestion

ProofPoint TAP CCF connector updated from deprecated sinceTime to interval-based polling, addressing incomplete data retrieval that affected threat visibility. Read More →

Auto-generated content based on the Azure-Sentinel GitHub repo.

Microsoft Sentinel is a trademark of Microsoft Corporation.