Cisco Secure Endpoint: ASIM AlertEvent Parser for Cloud-Based Threat Detection
New ASIM parser enables normalized threat detection from Cisco Secure Endpoint via CCF ingestion to CiscoSecureEndpointEventsV2_CL table. Read More →
New ASIM parser enables normalized threat detection from Cisco Secure Endpoint via CCF ingestion to CiscoSecureEndpointEventsV2_CL table. Read More →
Five NXLog partner solutions removed from Content Hub, eliminating data connector support for BSM macOS, FIM, Linux Audit, AIX Audit, and DNS monitoring across Unix/Linux environments. Read More →
Data fidelity fix converts Unix epoch millisecond fields to datetime, resolving duplicate typed columns that broke query functionality in Dynatrace parsers. Read More →
Missing TargetUserSessionId field in Microsoft 365 Defender ASIM ProcessEvent parsers has been restored, fixing queries that previously returned null for this session correlation field. Read More →
Critical fix migrates GitHub parsers and workbooks to support CLv2 ingestion table and updated GitHub alert event schemas, ensuring compatibility across V1 and V2 deployments. Read More →
Fixed critical data type mismatch in VMware vCenter authentication parser that caused DvcId field queries to fail. Read More →
Major connector upgrade introduces comprehensive event field collection and multi-tenant monitoring capabilities. Read More →
ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →
New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →
Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms. Read More →
Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →
ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision. Read More →
New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform. Read More →
All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →
ASIM Process Event parser parameter names corrected to match documentation, fixing filtering logic discrepancies that could affect query performance and parser interoperability. Read More →
Cisco ISE Administrator authentication parser fixes swap incorrect SrcIpAddr and TargetIpAddr mappings that broke network forensics queries. Read More →
Critical fixes to VMware vCenter authentication parser resolve incorrect field mappings that broke queries referencing User and DvcId fields. Read More →
Adds comprehensive bi-directional sync playbooks and fixes critical ref_id column type bug that caused silent data loss in alert ingestion. Read More →
Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →
Added ASIM Authentication parser for Cisco ISE administrator authentication events, expanding centralized network device visibility. Read More →