Skip to content

Commit 31258b1

Browse files
yelevinyelevin
authored
Update whats-new.md
1 parent b9a4871 commit 31258b1

File tree

1 file changed

+10
-0
lines changed

1 file changed

+10
-0
lines changed

articles/sentinel/whats-new.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,13 +24,23 @@ See these [important announcements](#announcements) about recent changes to feat
2424

2525
## July 2023
2626

27+
- [Higher limits for entities in alerts and entity mappings in analytics rules](#higher-limits-for-entities-in-alerts-and-entity-mappings-in-analytics-rules)
2728
- Announcement: [Changes to Microsoft Defender for Office 365 connector alerts that apply when disconnecting and reconnecting](#changes-to-microsoft-defender-for-office-365-connector-alerts-that-apply-when-disconnecting-and-reconnecting)
2829
- [Content Hub generally available and centralization changes released](#content-hub-generally-available-and-centralization-changes-released)
2930
- [Deploy incident response playbooks for SAP](#deploy-incident-response-playbooks-for-sap)
3031
- [Microsoft Sentinel solution for D365 Finance and Operations (Preview)](#microsoft-sentinel-solution-for-d365-finance-and-operations-preview)
3132
- [Simplified pricing tiers](#simplified-pricing-tiers) in [Announcements](#announcements) section below
3233
- [Monitor and optimize the execution of your scheduled analytics rules (Preview)](#monitor-and-optimize-the-execution-of-your-scheduled-analytics-rules-preview)
3334

35+
### Higher limits for entities in alerts and entity mappings in analytics rules
36+
37+
The following limits on entities in alerts and entity mappings in analytics rules have been raised:
38+
- You can now map **up to ten entities** in an analytics rule (up from five).
39+
- A single alert can now contain **up to 500 identified entities** in total, divided equally amongst the mapped entities.
40+
- The *Entities* field in the alert has a **size limit of 64 KB**. (This size limit previously applied to the entire alert record.)
41+
42+
For a full description of these limits, see [Map data fields to entities in Microsoft Sentinel](map-data-fields-to-entities.md).
43+
3444
### Content Hub generally available and centralization changes released
3545

3646
Content hub is now generally available (GA)! The [content hub centralization changes announced in February](#out-of-the-box-content-centralization-changes) have also been released. For more information on these changes and their impact, including more details about the tool provided to reinstate **IN USE** gallery templates, see [Out-of-the-box (OOTB) content centralization changes](sentinel-content-centralize.md).

0 commit comments

Comments
 (0)