From 746bf1d6a2e87e783b7160af78d4539cfe4ccb32 Mon Sep 17 00:00:00 2001 From: Julian Crowley Date: Wed, 27 Aug 2025 09:59:33 -0600 Subject: [PATCH 1/2] Create 2025-08-27-content.md --- blog-cse/2025-08-27-content.md | 43 ++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 blog-cse/2025-08-27-content.md diff --git a/blog-cse/2025-08-27-content.md b/blog-cse/2025-08-27-content.md new file mode 100644 index 0000000000..ee008a2f83 --- /dev/null +++ b/blog-cse/2025-08-27-content.md 
@@ -0,0 +1,43 @@ +--- +title: August 27, 2025 - Content Release +image: https://help.sumologic.com/img/reuse/rss-image.jpg +keywords: + - log mappers +hide_table_of_contents: true +--- + +This Content Release includes: +- New mappers and parsing support for additional Cisco ASA events and updates to existing Cisco ASA mappers to support additional fields +- Updates to AWS Security Hub OCSF Findings mappers to handle username alternate mappings +- Updates to McAfee Web Gateway CSV parser and mapper to support additional fields +- Fix to Sysdig Policy Detection JSON mapper to correctly map threat signal name and summary +- Changes are enumerated below + +## Log Mappers +- [New] Cisco ASA 109201|109207|113022 +- [New] Cisco ASA 317077|317078 +- [New] Cisco ASA 725016|771002 +- [Updated] AWS GuardDuty - OCSF Finding Events +- [Updated] AWS Inspector - OCSF Finding Events +- [Updated] AWS Security Hub - OCSF Finding Events +- [Updated] AWS Security Hub Coverage - OCSF Finding Events +- [Updated] AWS Security Hub Exposure Detection - OCSF Finding Events +- [Updated] Cisco ASA 113008 JSON +- [Updated] Cisco ASA 302010 JSON +- [Updated] Cisco ASA 303002 JSON +- [Updated] Cisco ASA 313001 JSON +- [Updated] Cisco ASA 50000(4|3) JSON +- [Updated] Cisco ASA 602303-4|602101 +- [Updated] Cisco ASA 710005|716058 +- [Updated] Cisco ASA 713nnn JSON +- [Updated] Cisco ASA 722034 +- [Updated] Cisco ASA 722051|722022|722023|722028|722032|722033|722036|722037|722041 JSON +- [Updated] Cisco ASA 733100|734001|737005|737017|737036|737029|746014|746015|746016 JSON +- [Updated] Cisco ASA 751023|725001|725002|725003|725006|725007|750001|750003|750006|750007|751022 JSON +- [Updated] Cisco ASA Network events +- [Updated] McAfee WebGateway - Parser +- [Updated] Sysdig Policy Detection JSON + +## Parsers +- [Updated] /Parsers/System/Cisco/Cisco ASA +- [Updated] /Parsers/System/McAfee/McAfee Web Gateway CSV \ No newline at end of file 
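Review bot: The summary bullet "Updates to AWS Security Hub OCSF Findings mappers to handle username alternate mappings" does not match the Log Mappers list in the same hunk, which also marks "AWS GuardDuty - OCSF Finding Events" and "AWS Inspector - OCSF Finding Events" as [Updated]. Either name those sources in the summary or add a bullet saying what changed for them, so a reader checking which mappers now handle the username alternate mappings does not have to infer it. Separately, "Changes are enumerated below" is written as a list item although it is not one of the things the release includes; make it a sentence of its own after the list.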
From 634bcead2ce91c31360a227d4bc280ace9db96ca Mon Sep 17 00:00:00 2001 From: John Pipkin Date: Wed, 27 Aug 2025 11:21:33 -0500 Subject: [PATCH 2/2] Updates from review --- blog-cse/2025-08-27-content.md | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/blog-cse/2025-08-27-content.md b/blog-cse/2025-08-27-content.md index ee008a2f83..f2422d57b4 100644 --- a/blog-cse/2025-08-27-content.md +++ b/blog-cse/2025-08-27-content.md @@ -6,14 +6,15 @@ keywords: hide_table_of_contents: true --- -This Content Release includes: -- New mappers and parsing support for additional Cisco ASA events and updates to existing Cisco ASA mappers to support additional fields -- Updates to AWS Security Hub OCSF Findings mappers to handle username alternate mappings -- Updates to McAfee Web Gateway CSV parser and mapper to support additional fields -- Fix to Sysdig Policy Detection JSON mapper to correctly map threat signal name and summary -- Changes are enumerated below +This content release includes: +- New mappers and parsing support for additional Cisco ASA events and updates to existing Cisco ASA mappers to support additional fields. +- Updates to AWS Security Hub OCSF Findings mappers to handle username alternate mappings. +- Updates to McAfee Web Gateway CSV parser and mapper to support additional fields. +- Fix to Sysdig Policy Detection JSON mapper to correctly map threat signal name and summary. -## Log Mappers +Changes are enumerated below. + +### Log Mappers - [New] Cisco ASA 109201|109207|113022 - [New] Cisco ASA 317077|317078 - [New] Cisco ASA 725016|771002 @@ -38,6 +39,6 @@ This Content Release includes: - [Updated] McAfee WebGateway - Parser - [Updated] Sysdig Policy Detection JSON -## Parsers +### Parsers - [Updated] /Parsers/System/Cisco/Cisco ASA - [Updated] /Parsers/System/McAfee/McAfee Web Gateway CSV \ No newline at end of file
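Review bot: In the first hunk (@@ -6,14 +6,15 @@), "## Log Mappers" becomes "### Log Mappers", which leaves the file with no level-2 heading: the sections now sit at level 3 directly under the front-matter title. If that matches the other content release posts, say so in the commit message; otherwise keep "##" so the heading hierarchy does not skip a level.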
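Review bot: In the second hunk (@@ -38,6 +39,6 @@), the final line "- [Updated] /Parsers/System/McAfee/McAfee Web Gateway CSV" is still followed by "\ No newline at end of file"; this revision already edits the end of the file, so add the trailing newline here. Also, the context line "- [Updated] McAfee WebGateway - Parser" is listed under Log Mappers and spells the product "WebGateway", while the Parsers entry spells it "Web Gateway"; please confirm that is the mapper's actual name and not a typo.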