Skip to content

Commit c7d6dc7

Browse files
austinmccollumaustinmccollum
authored
add schema mapping feature
1 parent 67b767d commit c7d6dc7

File tree

1 file changed

+15
-1
lines changed

1 file changed

+15
-1
lines changed

articles/sentinel/whats-new.md

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,26 @@ The listed features were released in the last three months. For information abou
2020

2121
## September 2024
2222

23-
23+
- [Schema mapping added to the SIEM migration experience](#schema-mapping-added-to-the-siem-migration-experience)
2424
- [Azure reservations now have pre-purchase plans available for Microsoft Sentinel](#pre-purchase-plans-now-available-for-microsoft-sentinel)
2525
- [Import/export of automation rules now generally available (GA)](#importexport-of-automation-rules-now-generally-available-ga)
2626
- [Google Cloud Platform data connectors are now generally available (GA)](#google-cloud-platform-data-connectors-are-now-generally-available-ga)
2727
- [Microsoft Sentinel now generally available (GA) in Azure Israel Central](#microsoft-sentinel-now-generally-available-ga-in-azure-israel-central)
2828

29+
### Schema mapping added to the SIEM migration experience
30+
31+
Since the SIEM migration experience became generally available in May 2024, steady improvements have been made to help migrate your security monitoring from Splunk. The following new features let customers provide more contextual details about their Splunk environment and usage to the Microsoft Sentinel SIEM Migration translation engine:
32+
33+
- Schema Mapping
34+
- Support for Splunk Macros in translation
35+
- Support for Splunk Lookups in translation
36+
37+
To learn more about these updates, see [SIEM migration experience](siem-migration.md).
38+
39+
For more information about the SIEM migration experience, see the following articles:
40+
- [Become a Microsoft Sentinel ninja - migration section](https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310#toc-hId-111398316)
41+
- [SIEM migration update - Microsoft Sentinel blog](https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/siem-migration-update-now-migrate-with-contextual-depth-in/ba-p/4241234)
42+
2943
### Pre-purchase plans now available for Microsoft Sentinel
3044

3145
Pre-purchase plans are a type of Azure reservation. When you buy a pre-purchase plan, you get commit units (CUs) at discounted tiers for a specific product. Microsoft Sentinel commit units (SCUs) apply towards eligible costs in your workspace. When you have predictable costs, choosing the right pre-purchase plan saves you money!

0 commit comments

Comments
 (0)