Other: ASIM Schemas on sentinelchangelog.net

Other: ASIM Schemas on sentinelchangelog.nethttp://sentinelchangelog.net/tags/other-asim-schemas/Recent content in Other: ASIM Schemas on sentinelchangelog.netHugo -- 0.157.0enFri, 29 May 2026 23:39:29 +0000ASIM Parser Development Automation: GitHub Copilot Skills for Accelerated Detection Engineeringhttp://sentinelchangelog.net/posts/2026-05-29-pr-14383/Fri, 29 May 2026 23:39:29 +0000http://sentinelchangelog.net/posts/2026-05-29-pr-14383/GitHub Copilot agent skills now automate the complete ASIM parser creation workflow, reducing parser development time from days to hours for security engineers.ASIM AssetEntity Schema: Three New Fields Added in v1.0.0 Releasehttp://sentinelchangelog.net/posts/2026-05-26-pr-14312/Tue, 26 May 2026 08:18:37 +0000http://sentinelchangelog.net/posts/2026-05-26-pr-14312/ASIM AssetEntity schema upgraded to v1.0.0 with three new fields for enhanced entity correlation and snapshot tracking.ASIM Agent Event Schema: New Normalization Framework for Security Agent Monitoringhttp://sentinelchangelog.net/posts/2026-04-24-pr-14086/Fri, 24 Apr 2026 22:19:31 +0000http://sentinelchangelog.net/posts/2026-04-24-pr-14086/Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms.ASIM Authentication Schema: VMware vCenter Parser Enables Authentication Monitoring for On-Premises and Azure VMware Environmentshttp://sentinelchangelog.net/posts/2026-04-07-pr-13929/Tue, 07 Apr 2026 16:22:05 +0000http://sentinelchangelog.net/posts/2026-04-07-pr-13929/New ASIM parser normalizes VMware vCenter authentication events from syslog streams to enable detection coverage across vSphere environments.ASIM Schema: Enhanced EntitySource Coverage for Data Platform Assetshttp://sentinelchangelog.net/posts/2026-04-07-pr-13999/Tue, 07 Apr 2026 00:17:20 +0000http://sentinelchangelog.net/posts/2026-04-07-pr-13999/ASimTester validation schema adds Snowflake, Databricks, and Salesforce to AssetEntity EntitySource enumeration for broader data platform asset tracking.Cisco IOS: New ASIM Authentication Parser for Network Device Login Monitoringhttp://sentinelchangelog.net/posts/2026-04-06-pr-13966/Mon, 06 Apr 2026 22:43:41 +0000http://sentinelchangelog.net/posts/2026-04-06-pr-13966/ASIM authentication parser for Cisco IOS enables normalized monitoring of login, logout, and failed authentication events from network infrastructure devices.ASIM WebSession Parser: New Cisco Umbrella Proxy Log Coveragehttp://sentinelchangelog.net/posts/2026-03-25-pr-13893/Wed, 25 Mar 2026 22:24:08 +0000http://sentinelchangelog.net/posts/2026-03-25-pr-13893/New ASIM parser adds web session visibility for Cisco Umbrella proxy logs, normalizing HTTP/HTTPS traffic data to standard schema.ASIM Data Tester Enhanced: New Type Validation for Asset Schema Fieldshttp://sentinelchangelog.net/posts/2026-03-19-pr-13769/Thu, 19 Mar 2026 21:31:08 +0000http://sentinelchangelog.net/posts/2026-03-19-pr-13769/ASIM Data Tester adds DynamicType and ArrayValuesType validation columns to improve dynamic field type checking accuracy.ASIM AuditEvent Parser: Azure SQL Security Audit Data Normalized for Detectionhttp://sentinelchangelog.net/posts/2026-03-18-pr-13745/Wed, 18 Mar 2026 19:47:34 +0000http://sentinelchangelog.net/posts/2026-03-18-pr-13745/New ASIM parser enables normalized analysis of SQL security audit events from SQLSecurityAuditEvents and AzureDiagnostics tables.ASIM Schema Standardization: Removing Unused User Role Fields Across Multiple Schemashttp://sentinelchangelog.net/posts/2026-03-17-pr-13851/Tue, 17 Mar 2026 21:46:35 +0000http://sentinelchangelog.net/posts/2026-03-17-pr-13851/Cleanup of unused Actor/Target user role fields and alignment of empty parsers improves schema consistency but does not affect active detection capabilities.ASIM Schema Cleanup: Removing Unused User Fields from Test Configurationhttp://sentinelchangelog.net/posts/2026-03-16-pr-13828/Mon, 16 Mar 2026 18:02:46 +0000http://sentinelchangelog.net/posts/2026-03-16-pr-13828/Maintenance cleanup removes unused optional user fields from ASIM test configuration with no impact on parser or detection functionality.ASIM Asset Entity Schema: New Schema Foundation for Asset Managementhttp://sentinelchangelog.net/posts/2026-03-06-pr-13732/Fri, 06 Mar 2026 19:41:51 +0000http://sentinelchangelog.net/posts/2026-03-06-pr-13732/Introduces complete ASIM Asset Entity schema with parsers, empty templates, and CI integration to enable asset-centric security monitoring.ASIM FileEvent Parser: New AWS CloudTrail S3 Support Addedhttp://sentinelchangelog.net/posts/2026-02-20-pr-13569/Fri, 20 Feb 2026 21:46:53 +0000http://sentinelchangelog.net/posts/2026-02-20-pr-13569/New FileEvent parser enables normalized S3 object activity monitoring from AWS CloudTrail logs across bucket operations and object lifecycle events.ASIM Authentication Schema: NetworkCleartext SubType Addedhttp://sentinelchangelog.net/posts/2026-02-12-pr-13518/Thu, 12 Feb 2026 17:55:59 +0000http://sentinelchangelog.net/posts/2026-02-12-pr-13518/ASIM Authentication schema expanded to include NetworkCleartext authentication subtype for cleartext password events.ASIM Authentication Parser: Enhanced SSH Authentication Method Detectionhttp://sentinelchangelog.net/posts/2026-01-21-pr-13460/Wed, 21 Jan 2026 02:06:29 +0000http://sentinelchangelog.net/posts/2026-01-21-pr-13460/SSH authentication parser now accurately identifies logon methods (password, PKI, PAM) and adds improved field mappings for better authentication visibility.Azure Firewall ASIM Parsers: Enhanced Detection Coverage for Six New Log Typeshttp://sentinelchangelog.net/posts/2025-12-05-pr-13181/Fri, 05 Dec 2025 18:08:03 +0000http://sentinelchangelog.net/posts/2025-12-05-pr-13181/New ASIM normalisation parsers added for six Azure Firewall log tables, expanding detection coverage for network sessions, DNS queries, and web traffic analysis.