Skip to main content

March 2, 2023 - Content Release

This release contains changes to how the Palo Alto Firewall CSV parser handles timestamps. Time parsing now relies on _messagetime metadata generated at collection time. This allows individual sources to set timezone information if it is not available in the raw message and as a result, reflect more accurate timestamps for records being created.

Rules

  • [New] MATCH-S00844 LastPass - Account Created
  • [New] MATCH-S00854 LastPass - Failed Login
  • [New] MATCH-S00846 LastPass - Folder Permissions Updated
  • [New] MATCH-S00855 LastPass - Login
  • [New] MATCH-S00847 LastPass - Master Password Changed
  • [New] MATCH-S00848 LastPass - Password Changed
  • [New] MATCH-S00849 LastPass - Personal Share
  • [New] MATCH-S00850 LastPass - Policy Added
  • [New] MATCH-S00851 LastPass - Policy Deleted
  • [New] MATCH-S00852 LastPass - Shared Folder Created
  • [New] MATCH-S00853 LastPass - Super Admin Password Reset

Log Mappers

  • [New] LastPass - Account Created
  • [New] LastPass - Failed Login
  • [New] LastPass - Folder Permissions Updated
  • [New] LastPass - Login
  • [New] LastPass - Master Password Changed
  • [New] LastPass - Password Changed
  • [New] LastPass - Personal Share
  • [New] LastPass - Policy Modifications
  • [New] LastPass - Shared Folder Created
  • [New] LastPass - Super Admin Password Reset
  • [New] LastPass Catch All
  • [New] Sysdig Audit Trail JSON
  • [New] Sysdig Benchmark JSON
  • [New] Sysdig Command JSON
  • [New] Sysdig Connection JSON
  • [New] Sysdig File Access JSON
  • [New] Sysdig Kubernetes JSON
  • [New] Sysdig Policy Detection JSON
  • [New] Sysdig Scanning JSON
  • [Updated] Azure Firewall Network Rule
  • [Updated] Mimecast Email logs

Parsers

  • [New] /Parsers/System/LastPass/LastPass
  • [New] /Parsers/System/Sysdig/Sysdig JSON
  • [Updated] /Parsers/System/Microsoft/Microsoft Azure JSON
  • [Updated] /Parsers/System/Palo Alto/PAN Firewall CSV
  • [Updated] /Parsers/System/Microsoft/Shared/Windows Forwarding Headers
  • [Updated] /Parsers/System/Microsoft/Shared/Windows Text Transforms - Security
  • [Updated] /Parsers/System/Microsoft/Windows-Syslog Snare
Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.