Skip to content

Commit 0fbabf5

Browse files
jc-sumojpipkin1
jc-sumo
and
jpipkin1
authored
Create 2025-05-22-content.md (#5399)
* Create 2025-05-22-content.md * Updates from review --------- Co-authored-by: John Pipkin <[email protected]>
1 parent 9cc5008 commit 0fbabf5

File tree

1 file changed

+51
-0
lines changed

1 file changed

+51
-0
lines changed

blog-cse/2025-05-23-content.md

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,51 @@
1+
---
2+
title: May 23, 2025 - Content Release
3+
image: https://help.sumologic.com/img/sumo-square.png
4+
keywords:
5+
- log mappers
6+
- parsers
7+
- rules
8+
hide_table_of_contents: true
9+
---
10+
11+
import useBaseUrl from '@docusaurus/useBaseUrl';
12+
13+
This content release includes:
14+
- Rule update
15+
- New support for CommScope Ruckus SmartZone
16+
- Additional mappers for CrowdStrike FDR, Google G Suite (Workspace), and Windows PowerShell
17+
- Updates for existing mappers for CrowdStrike FDR, Google G Suite (Workspace), and Windows PowerShell
18+
- Added normalizedAction and action fields to Windows PowerShell mappers
19+
- Changes to Windows PowerShell JSON parsing to support additional log formats
20+
21+
Changes are enumerated below.
22+
23+
24+
### Rules
25+
- [Updated] MATCH-S00068 O365 - Users Password Changed
26+
- Updated to use targetUser_username
27+
28+
### Log mappers
29+
- [New] CommScope Ruckus SmartZone Default
30+
- [New] CrowdStrike FDR - DNSRequest
31+
- [New] Google G Suite - login - risky_sensitive_action_allowed
32+
- [New] Google G Suite - login challange
33+
- [New] Windows - Windows PowerShell
34+
- [Updated] CrowdStrike Falcon Host API DetectionSummaryEvent (CNC)
35+
- Added alternate field for threat_name
36+
- [Updated] CrowdStrike Falcon Host API IdpDetectionSummaryEvent (CNC)
37+
- Added alternate field for threat_name
38+
- [Updated] Google G Suite - login - password_change/recovery_info_change
39+
- Added additional mapped fields
40+
- [Updated] Google G Suite - login.login
41+
- Added additional mapped fields
42+
- [Updated] Google G Suite - logout
43+
- Added additional mapped fields
44+
- [Updated] Windows - Microsoft-Windows-PowerShell/Operational - 4103
45+
- [Updated] Windows - Microsoft-Windows-PowerShell/Operational - 4104
46+
- [Updated] Windows - Microsoft-Windows-PowerShell/Operational - 4105
47+
- [Updated] Windows - Microsoft-Windows-PowerShell/Operational - 4106
48+
49+
### Parsers
50+
- [New] /Parsers/System/CommScope/CommScope Ruckus SmartZone
51+
- [Updated] /Parsers/System/Microsoft/Windows PowerShell-JSON

0 commit comments

Comments
 (0)