Cisco Secure Endpoint: ASIM AlertEvent Parser for Cloud-Based Threat Detection

New ASIM parser enables normalized threat detection from Cisco Secure Endpoint via CCF ingestion to CiscoSecureEndpointEventsV2_CL table. Read More →

NXLog Solutions Deprecated: Loss of Multi-Platform Audit Visibility

Five NXLog partner solutions removed from Content Hub, eliminating data connector support for BSM macOS, FIM, Linux Audit, AIX Audit, and DNS monitoring across Unix/Linux environments. Read More →

Dynatrace Parsers: Critical Timestamp Fix Restores Query Reliability

Data fidelity fix converts Unix epoch millisecond fields to datetime, resolving duplicate typed columns that broke query functionality in Dynatrace parsers. Read More →

M365 Defender ASIM Parser: TargetUserSessionId Field Restoration Fixes Data Fidelity Gap

Missing TargetUserSessionId field in Microsoft 365 Defender ASIM ProcessEvent parsers has been restored, fixing queries that previously returned null for this session correlation field. Read More →

GitHub Advanced Security Parser Migration: CLv2 Compatibility and Schema Updates

Critical fix migrates GitHub parsers and workbooks to support CLv2 ingestion table and updated GitHub alert event schemas, ensuring compatibility across V1 and V2 deployments. Read More →

VMware vCenter ASIM Parser: DvcId Type Correction Prevents Query Failures

Fixed critical data type mismatch in VMware vCenter authentication parser that caused DvcId field queries to fail. Read More →

Salesforce Service Cloud Connector: Enhanced Event Log Coverage and Multi-Domain Support

Major connector upgrade introduces comprehensive event field collection and multi-tenant monitoring capabilities. Read More →

Zoom Connector GA Release: Enhanced Data Ingestion with New Table Schema

ZoomReports CCF connector transitions to GA with parser supporting dual-table ingestion and expanded field coverage. Read More →

GitHub Webhook V2 Connector: CLv2 Migration Ensures Continued GitHub Advanced Security Ingestion

New CLv2-based GitHub Webhook connector replaces deprecated CLv1 API to maintain ingestion of code scanning, Dependabot, and secret scanning alerts. Read More →

ASIM Agent Event Schema: New Normalization Framework for Security Agent Monitoring

Microsoft Sentinel gains ASIM Agent Event schema for normalizing security agent events across all vendor platforms. Read More →

Halcyon Anti-Ransomware: Connector Overhaul from ASIM to OCSF Schema Architecture

Halcyon connector migrated from direct ASIM ingestion to OCSF schema with ASIM transformation parsers, replacing 5 custom tables with unified HalcyonEvents_CL table. Read More →

Microsoft 365 Defender Process Parsers: Enhanced File Metadata Visibility

ASIM Process Event parsers for Microsoft 365 Defender now extract file version metadata, improving process attribution and hunt query precision. Read More →

Cyjax Threat Intelligence Platform: Complete Solution for IOC Ingestion and Investigation

New comprehensive Microsoft Sentinel integration adds automated IOC collection, incident enrichment, and interactive threat intelligence dashboards for the Cyjax platform. Read More →

Dynatrace Solution: DCR Migration Introduces v2 Connectors for All Data Sources

All Dynatrace connectors migrated to DCR-based CCF architecture with dual-version parser support for seamless transitions. Read More →

ASIM Process Event Parsers: Parameter Standardization Fixes Filtering Logic Inconsistencies

ASIM Process Event parser parameter names corrected to match documentation, fixing filtering logic discrepancies that could affect query performance and parser interoperability. Read More →

Cisco ISE ASIM Parser: Correcting IP Address Field Mappings

Cisco ISE Administrator authentication parser fixes swap incorrect SrcIpAddr and TargetIpAddr mappings that broke network forensics queries. Read More →

VMware vCenter ASIM Parser: Fixing Field Mappings After ASIM Schema Updates

Critical fixes to VMware vCenter authentication parser resolve incorrect field mappings that broke queries referencing User and DvcId fields. Read More →

Check Point Cyberint: Bi-Directional Alert Sync and Critical Data Ingestion Fix

Adds comprehensive bi-directional sync playbooks and fixes critical ref_id column type bug that caused silent data loss in alert ingestion. Read More →

Contrast ADR: CCF Connector Deployment Unlocks Application Attack Visibility

Contrast ADR adds CCF ingestion support with standardized table schemas for production-ready Application Detection and Response monitoring. Read More →

ASIM Authentication: New Parser for Cisco ISE Administrator Login Events

Added ASIM Authentication parser for Cisco ISE administrator authentication events, expanding centralized network device visibility. Read More →