Skip to main content

April 25, 2025 - Content Release

April 25, 2025

This content release includes:

Fixes for Threat Intelligence rules to correct match expression syntax for hash and HTTP referrer.
Parsing and mapping updates for Microsoft Office 365 to improve target user visibility.

Rules

[Updated] MATCH-S01009 Threat Intel - HTTP Referrer
[Updated] MATCH-S01012 Threat Intel - HTTP Referrer Root Domain
[Updated] MATCH-S00999 Threat Intel - IMPHASH Match
[Updated] MATCH-S01000 Threat Intel - MD5 Match
[Updated] MATCH-S01001 Threat Intel - PEHASH Match
[Updated] MATCH-S01003 Threat Intel - SHA1 Match
[Updated] MATCH-S01004 Threat Intel - SHA256 Match
[Updated] MATCH-S01002 Threat Intel - SSDEEP Match

Log Mappers

[Updated] Microsoft Office 365 Active Directory Authentication Events
[Updated] Microsoft Office 365 AzureActiveDirectory Events

Parsers

[Updated] /Parsers/System/Microsoft/Office 365

Privacy Statement

Copyright © 2025 by Sumo Logic, Inc.