SumoLogic
diff --git a/‎.clabot‎
Lines changed: 3 additions & 1 deletion b/‎.clabot‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 1 deletion b/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/build_and_deploy.yml‎
Lines changed: 0 additions & 85 deletions b/‎.github/workflows/build_and_deploy.yml‎
Lines changed: 0 additions & 85 deletions
diff --git a/‎.github/workflows/delete-review.yml‎
Lines changed: 0 additions & 40 deletions b/‎.github/workflows/delete-review.yml‎
Lines changed: 0 additions & 40 deletions
diff --git a/‎.github/workflows/job_build-site.yml‎
Lines changed: 2 additions & 5 deletions b/‎.github/workflows/job_build-site.yml‎
Lines changed: 2 additions & 5 deletions
diff --git a/‎.github/workflows/production.yml‎
Lines changed: 0 additions & 21 deletions b/‎.github/workflows/production.yml‎
Lines changed: 0 additions & 21 deletions
diff --git a/‎blog-cse/2025-10-28-content.md‎
Lines changed: 1 addition & 1 deletion b/‎blog-cse/2025-10-28-content.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎blog-cse/2025-10-29-content.md‎
Lines changed: 22 additions & 0 deletions b/‎blog-cse/2025-10-29-content.md‎
Lines changed: 22 additions & 0 deletions
diff --git a/‎blog-cse/2025-11-06-content.md‎
Lines changed: 37 additions & 0 deletions b/‎blog-cse/2025-11-06-content.md‎
Lines changed: 37 additions & 0 deletions
diff --git a/‎blog-cse/2025-11-14-content.md‎
Lines changed: 44 additions & 0 deletions b/‎blog-cse/2025-11-14-content.md‎
Lines changed: 44 additions & 0 deletions
@@ -193,7 +193,9 @@
     "rmeyer-legato",
     "jagan2221",
     "pankaj101A",
-    "prajalb"
+    "prajalb",
+    "dk-logic",
+    "keshavm021"
   ],
   "message": "Thank you for your contribution! As this is an open source project, we require contributors to sign our Contributor License Agreement and do not have yours on file. To proceed with your PR, please [sign your name here](https://forms.gle/YgLddrckeJaCdZYA6) and we will add you to our approved list of contributors.",
   "label": "cla-signed",
 
@@ -13,4 +13,4 @@
 /docs/send-data/opentelemetry-collector/ @SumoLogic/open-source-collection-team @kimsauce @jpipkin1 @mafsumo @JV0812 @amee-sumo
 
 # GitHub workflow owners
-/.github/workflows/ @SumoLogic/open-source-collection-team @kimsauce
+/.github/workflows/ @kimsauce
@@ -27,13 +27,10 @@ jobs:
         with:
           node-version: '20.x'
           cache: 'yarn'
-      - name: Docusaurus Webpack cache
-        uses: actions/cache@v3
-        with:
-          path: node_modules/.cache
-          key: ${{ runner.os }}-webpack-cache-${{ hashFiles('yarn.lock') }}
       - name: Install dependencies
         run: yarn install --frozen-lockfile
+      - name: Clean Docusaurus cache
+        run: rm -rf .docusaurus build
       - name: Build the Docusaurus site
         run: |
           yarn build
 
@@ -12,7 +12,7 @@ This content release includes:
     - Updates to existing mappers for Crowdstrike Falcon, F5, and Okta events to support additional fields and events.
     - Updates to F5 Networks and Okta SSO parsers.
 
-Changes are enumerated below.
+This new and updated content is effective as of October 22, 2025. Changes are enumerated below.
 
 ### Log Mappers
 - [New] CrowdStrike Falcon Host API IdpDetectionSummaryEvent
 
@@ -0,0 +1,22 @@
+---
+title: October 29, 2025 - Content Release
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+keywords:
+  - log mappers
+  - parsers
+hide_table_of_contents: true    
+---
+
+This content release includes:
+    - New log mappers for Crowdstrike Falcon to support eppDetectionSummary events from multiple ingest methods.
+    - New parsers and log mappers for Databricks Audit logs and Varonis Alerts.
+
+## Log Mappers
+- [New] CrowdStrike Falcon - EppDetectionSummaryEvents (CNC)
+- [New] DataBricks Audit Catch All
+- [New] DataBricks Authentication
+- [New] Varonis Alerts Catch All
+
+## Parsers
+- [New] /Parsers/System/Databricks/Databricks Audit
+- [New] /Parsers/System/Varonis/Varonis Alert JSON
@@ -0,0 +1,37 @@
+---
+title: November 6, 2025 - Content Release
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+keywords:
+  - log mappers
+  - parsers
+  - rules
+hide_table_of_contents: true    
+---
+
+This content release includes:
+    - An updated parser and new log mappers for Netskope Cloud Security for improved handling of Netskope DLP logs.
+    - An updated mapper for Azure Audit Logs which repurposes the `changeTarget` field mapping for changed items such as groups.
+    - Updated Azure rules to accommodate the repurposed `changeTarget` field
+    - Updated Keeper Authentication mapper to include the `Success` field.
+
+:::note
+If you are ingesting Netskope Cloud Security Logs or Azure Audit Logs ensure that the log source is set to use the appropriate system parser:
+    - Netskope Cloud Security: /Parsers/System/Netskope/Netskope Security Cloud JSON
+    - Azure Audit Logs: /Parsers/System/Microsoft/Microsoft Azure JSON
+:::
+
+### Rules
+- [Updated] MATCH-S00226 Azure - Add Member to Group
+- [Updated] MATCH-S00220 Azure - Add Member to Role Outside of PIM
+- [Updated] MATCH-S00231 Azure - Member Added to Global Administrator Role
+- [Updated] MATCH-S00233 Azure - Member Added to Global Administrator Role Non-PIM
+- [Updated] MATCH-S00229 Azure - Member Added to Non-Global Administrator Role
+
+### Log Mappers
+- [New] Netskope - DLP Alerts
+- [New] Netskope - Incidents
+- [Updated] AzureActivityLog AuditLogs
+- [Updated] Keeper Authentication
+
+### Parsers
+- [Updated] /Parsers/System/Netskope/Netskope Security Cloud JSON
@@ -0,0 +1,44 @@
+---
+title: November 14, 2025 - Content Release
+image: https://assets-www.sumologic.com/company-logos/_800x418_crop_center-center_82_none/SumoLogic_Preview_600x600.jpg?mtime=1617040082
+keywords:
+  - log mappers
+  - parsers
+  - rules
+hide_table_of_contents: true    
+---
+
+This content release includes:
+    - Updates to Microsoft Azure rules so rule summaries contain richer information around groups and roles that have been modified.
+    - New and updated mappers for various products, including new support for PingIdentity MFA logs, better handling of severity scores for Netskope DLP alerts, and improved entity handling for Okta logs.
+    - New and updated parsers, including new support for PingIdentity MFA logs and improved parsing for Netskope DLP events.
+
+Changes are enumerated below.
+
+### Rules
+- [Updated] MATCH-S00226 Azure - Add Member to Group
+- [Updated] MATCH-S00220 Azure - Add Member to Role Outside of PIM
+- [Updated] MATCH-S00231 Azure - Member Added to Global Administrator Role
+- [Updated] MATCH-S00233 Azure - Member Added to Global Administrator Role Non-PIM
+- [Updated] MATCH-S00229 Azure - Member Added to Non-Global Administrator Role
+
+### Log Mappers
+- [New] Netskope - DLP Alerts
+- [New] Netskope - Incidents
+- [New] PingIdentity MFA - Authentication Event
+- [New] PingIdentity MFA - Catch All
+- [Updated] AzureActivityLog AuditLogs
+- [Updated] Keeper Authentication
+- [Updated] Netskope - Alerts
+- [Updated] Netskope - Catch All
+- [Updated] Okta Authentication - auth_via_AD_agent
+- [Updated] Okta Authentication - auth_via_mfa
+- [Updated] Okta Authentication - auth_via_radius
+- [Updated] Okta Authentication - sso
+- [Updated] Okta Authentication Events
+- [Updated] Okta Catch All
+- [Updated] Okta Security Threat Events
+
+### Parsers
+- [New] /Parsers/System/PingIdentity/PingIdentity MFA
+- [Updated] /Parsers/System/Netskope/Netskope Security Cloud JSON