Skip to main content

April 25, 2025 - Content Release

This content release includes:

  • Fixes for Threat Intelligence rules to correct match expression syntax for hash and HTTP referrer.
  • Parsing and mapping updates for Microsoft Office 365 to improve target user visibility.

Rules

  • [Updated] MATCH-S01009 Threat Intel - HTTP Referrer
  • [Updated] MATCH-S01012 Threat Intel - HTTP Referrer Root Domain
  • [Updated] MATCH-S00999 Threat Intel - IMPHASH Match
  • [Updated] MATCH-S01000 Threat Intel - MD5 Match
  • [Updated] MATCH-S01001 Threat Intel - PEHASH Match
  • [Updated] MATCH-S01003 Threat Intel - SHA1 Match
  • [Updated] MATCH-S01004 Threat Intel - SHA256 Match
  • [Updated] MATCH-S01002 Threat Intel - SSDEEP Match

Log Mappers

  • [Updated] Microsoft Office 365 Active Directory Authentication Events
  • [Updated] Microsoft Office 365 AzureActiveDirectory Events

Parsers

  • [Updated] /Parsers/System/Microsoft/Office 365
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.