Skip to main content

February 2, 2024 - Content Release

This release includes minor mapping adjustments to Duo and MS Graph Identify Protection Risk logs. Specific changes are enumerated below.

Log Mappers

  • [Updated] Duo Security Admin API - Audit
    • Added mappings for source host and source IP
  • [Updated] Duo Security Admin API - Authentication
    • Added mappings for source host and source IP
  • [Updated] Duo Security Admin API - Non-User Audit Changes
    • Added mappings for source host and source IP
  • [Updated] Duo Security Admin API - Targeted User Audit Changes
    • Added mappings for source host and source IP
  • [Updated] Microsoft Graph Identity Protection API C2C - riskDetections
    • Added principal as primary user_username key
  • [Updated] Microsoft Graph Identity Protection API C2C - riskyUsers
    • Added principal as primary user_username key
tip

For all the up-to-date Cloud SIEM content, see the Cloud SIEM Content Catalog.

Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.