Fortinet FortiGate ASIM Authentication Parsers: Schema Version Metadata Correction

Updates schema version metadata from 0.1.3 to 0.1.4 in FortiGate authentication parsers with no functional changes. Read More →

ExtraHop RevealX: Azure Monitor Logs Ingestion API Replaces Legacy HTTP Data Collector

Added Log Ingestion API support with OAuth 2.0 authentication — modernizes data ingestion from legacy HTTP Data Collector API. Read More →

Cisco Umbrella ASIM Parser: Fixing Variable Scope Bug in IP Filter Logic

Moves critical IP filtering variables inside parser function to prevent incorrect filtering and potential data loss. Read More →

Palo Alto GlobalProtect: New ASIM Authentication Parser for VPN Monitoring

New ASIM parser normalizes GlobalProtect VPN authentication events from CommonSecurityLog table, enabling unified monitoring of gateway and portal authentication across Palo Alto PAN-OS deployments. Read More →

ASIM Parser Validation: Critical Schemas Added to CI Pipeline

Four ASIM schemas missing from KQL validation pipeline now included, preventing unvalidated parser deployments. Read More →

ASIM Authentication Schema: VMware vCenter Parser Enables Authentication Monitoring for On-Premises and Azure VMware Environments

New ASIM parser normalizes VMware vCenter authentication events from syslog streams to enable detection coverage across vSphere environments. Read More →

Cisco IOS: New ASIM Authentication Parser for Network Device Login Monitoring

ASIM authentication parser for Cisco IOS enables normalized monitoring of login, logout, and failed authentication events from network infrastructure devices. Read More →

Check Point Smart Defense: ASIM NetworkSession Parser Expands Threat Prevention Visibility

New ASIM NetworkSession parser adds Check Point Smart Defense logs to normalized threat monitoring and detection coverage. Read More →

Netskope Secure Web Gateway Solution: New Detection Coverage for Cloud Application Visibility

New Netskope solution adds 10 detections for web transaction monitoring including impossible travel, excessive downloads, shadow IT detection, and data exfiltration patterns. Read More →

Qualys VM: CCF Connector Adds Vulnerability Intelligence Stream

Qualys VM Knowledge Base solution now includes a Codeless Connector Framework (CCF) implementation for automated vulnerability data ingestion alongside the existing legacy connector. Read More →

ASIM AlertEvent Parser: Microsoft Defender XDR Missing AlertOriginalStatus Field Restored

Critical data fidelity fix restores missing AlertOriginalStatus field in Microsoft Defender XDR ASIM AlertEvent parser, resolving alert status visibility gap. Read More →

Imperva Cloud WAF: Production Ready CCF Connector with Standard Tables

Imperva Cloud WAF CCF connector migrates from private preview custom tables to public preview standard tables. Read More →

Tenable VM Parser: CVSS 4.0 and VPR v2 Field Mapping Restores Missing Vulnerability Scoring Data

Tenable VM vulnerability parser now extracts CVSS 4.0 vector components and VPR v2 threat intelligence previously unmapped from ingested vulnerability scans. Read More →

Corelight: Enhanced Data Fidelity for Network Aggregation Events

Fixes field mapping inconsistencies in Corelight aggregation parsers that caused data loss and adds aggregation filtering to the Data Explorer workbook. Read More →

ASIM WebSession Parser: New Cisco Umbrella Proxy Log Coverage

New ASIM parser adds web session visibility for Cisco Umbrella proxy logs, normalizing HTTP/HTTPS traffic data to standard schema. Read More →

AWS ELB Connector: Public Preview CCF Ingestion for ALB, NLB, and GLB Logs

New CCF connector enables ingestion of AWS Elastic Load Balancer access and flow logs into Microsoft Sentinel for network traffic monitoring and threat detection. Read More →

ASIM Data Tester Enhanced: New Type Validation for Asset Schema Fields

ASIM Data Tester adds DynamicType and ArrayValuesType validation columns to improve dynamic field type checking accuracy. Read More →

ASIM AuditEvent Parser: Azure SQL Security Audit Data Normalized for Detection

New ASIM parser enables normalized analysis of SQL security audit events from SQLSecurityAuditEvents and AzureDiagnostics tables. Read More →

ASIM Schema Standardization: Removing Unused User Role Fields Across Multiple Schemas

Cleanup of unused Actor/Target user role fields and alignment of empty parsers improves schema consistency but does not affect active detection capabilities. Read More →

OpenAI Solution: New Data Source for AI Security Monitoring

New Microsoft Sentinel solution introduces CCF connector for OpenAI audit logs and chat completions, enabling AI governance and threat detection. Read More →