February 27, 2025 - Content Release
This content release includes updates to mapping and parsing to support additional AWS CloudTrail, F5 Firewall, and modify behavior in Microsoft Office 365 login events.
Changes are enumerated below.
Log Mappers​
- [New] CloudTrail Batch get Partition
- [New] F5 Tmm Audit and APMD Audit - Custom Parser
- [New] F5 Session and adfs proxy - Custom Parser
- [Updated] F5 SSHD and Apmd - Custom Parser
- Expands scope of existing mapper to include Apmd events.
- [Updated] Microsoft Office 365 Active Directory Authentication Events
- Adds exclusion for invalid user ID
00000000-0000-0000-0000-000000000000
.
- Adds exclusion for invalid user ID
Parsers​
- [Updated] /Parsers/System/F5/F5 Syslog