August 25, 2022 - Application Update

Application Update

Cloud SIEM Enterprise App is now available

The CSE app gives you visibility into what’s going on in Cloud SIEM Enterprise. The app dashboards present high-level and detailed views into the Records that were created, the Signals that have fired, and the Insights generated by CSE. You can also get insight into CSE rules, including rule management activity and which rules have fired.

This app is available to all licensed CSE customers in the Sumo Logic App Catalog. For more information, see CSE App.

Content Release

Rules

  • [Updated] MATCH-S00632 Okta Administrator Access Granted
  • [Updated] MATCH-S00683 Overly Permissive Chmod Command

Log Mappers

  • [New] Check Point Avanan
  • [New] Cisco ISE Authentication Failure
  • [New] Cisco ISE Authentication Success
  • [New] Cisco ISE Catch All
  • [New] FireEye Web MPS Event
  • [Updated] Microsoft Office 365 Threat Intelligence Events
  • [Updated] Windows Microsoft-Windows-Sysmon/Operational 3
  • [Updated] Windows Security 4688

Parsers

  • [New] /Parsers/System/Check Point/Check Point Avanan JSON
  • [New] /Parsers/System/Cisco/Cisco ISE
  • [New] /Parsers/System/FireEye/FireEye Web MPS JSON

Copyright © 2023 by Sumo Logic, Inc.