Merge branch 'release-notes-collector' of github.com:SumoLogic/sumologic-documentation into release-notes-collector

kimsauce · kimsauce · commit c76ab9a6ff51 · 2025-05-30T18:09:11.000-04:00
diff --git a/blog-cse/2025-05-30-content.md b/blog-cse/2025-05-30-content.md
@@ -0,0 +1,54 @@
+---
+title: May 30, 2025 - Content Release
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - log mappers
+  - parsers
+  - rules
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+This content release includes:
+- Rule updates.
+- New log parsers and mappers to support Akamai CPC and Contrast Security ADR.
+- New and updated log mappers for Azure Event Hub - Windows Defender logs, Cisco ISE, Microsoft Office 365, and Snowflake.
+- Modifications to existing parsers for Microsoft Azure JSON, Nginx Syslog, and Snowflake to support additional formats and events.
+
+Changes are enumerated below.
+
+### Rules
+- [Updated] MATCH-S00068 O365 - Users Password Changed
+    - Updated entity selectors to include both `user_username` and `targetUser_username`
+- [Updated] MATCH-S00069 O365 - Users Password Reset
+    - Updated entity selectors to include both `user_username` and `targetUser_username`
+
+### Log Mappers
+- [New] Akamai CPC
+- [New] Azure Event Hub - Windows Defender Audit events
+- [New] Azure Event Hub - Windows Defender Audit file events
+- [New] Azure Event Hub - Windows Defender Authentication events
+- [New] Azure Event Hub - Windows Defender Email events
+- [New] Azure Event Hub - Windows Defender Endpoint Process events
+- [New] Azure Event Hub - Windows Defender Network events
+- [New] Contrast Security ADR Default Mapping
+- [New] Snowflake Query History
+- [New] Snowflake Session
+- [Updated] Azure Event Hub - Windows Defender Logs - DeviceAlertEvents
+- [Updated] Azure Event Hub - Windows Defender Logs and Azure Alert
+- [Updated] Cisco ISE Catch All
+- [Updated] Microsoft Office 365 Active Directory Authentication Events
+- [Updated] Snowflake Catch All
+- [Updated] Snowflake Login
+
+### Parsers
+- [New] /Parsers/System/Akamai/Akamai CPC
+- [New] /Parsers/System/Contrast Security/Contrast ADR
+- [Updated] /Parsers/System/Cisco/Cisco ISE
+- [Updated] /Parsers/System/Microsoft/Microsoft Azure JSON
+- [Updated] /Parsers/System/Nginx/Nginx Syslog
+- [Updated] /Parsers/System/Microsoft/Office 365
+- [Updated] /Parsers/System/Snowflake/Snowflake
+- [Updated] /Parsers/System/Microsoft/Windows PowerShell-JSON
+- [Updated] /Parsers/System/Microsoft/Windows-JSON-Open Telemetry
