Azure-Sentinel/Parsers
Yaron d79c1596bf
yaml structure bug
2021-10-04 11:31:11 +03:00
AADUserInfo Move New Community Content to Proper Location 2021-06-10 10:41:18 -07:00
ASim Update ASimFullDeployment.json 2021-09-30 17:15:00 +03:00
ASim Microsoft Defender for IoT - Endpoint LinuxSysmon Network inclusion in deploys and union parser 2021-09-13 12:45:16 +03:00
ASim Sysmon for Linux Update README.md 2021-09-30 15:06:44 +03:00
ASim Sysmon for Windows Sysmon deploy 2021-09-14 14:03:33 +03:00
ASim WindowsEvent WindowsEvent depoly update 2021-09-14 11:27:29 +03:00
ASimAuthentication Fix non-ascii 2021-09-12 23:26:10 +03:00
ASimDns yaml structure bug 2021-10-04 11:31:11 +03:00
ASimFileEvent fixes 2021-10-03 17:44:55 +03:00
ASimNetworkSession last fix 2021-10-04 11:04:18 +03:00
ASimProcessEvent small fixes 2021-10-04 10:05:13 +03:00
ASimRegistry Merge pull request #3093 from Azure/dev/normalization/sysmon_new_version 2021-09-30 15:01:05 +03:00
Akamai Akamai Security Events Data Connector (#1375) 2020-12-04 11:18:30 -08:00
Alsid Add the Codename table mapping for IOAs and remove the \r\n at the end of parsing requests 2021-03-23 12:54:40 +01:00
Apache Removing unicod chars 2021-01-31 12:59:07 -08:00
ArubaClearPass added v6.6+ support 2021-01-25 10:28:46 -08:00
Barracuda Update CGFWFirewallActivity 2021-01-20 04:26:55 +05:30
CiscoISE Update CiscoISE.txt 2021-05-25 08:38:09 +03:00
CiscoMeraki Merge pull request #1636 from richlilly2004/CiscoMerakiAPI 2021-05-18 21:30:16 -07:00
CiscoUCS ACN_CD_CiscoUCS_Parser01 (#1282) 2020-11-13 12:58:51 -08:00
CiscoUmbrella Removing unicod chars 2021-01-31 12:59:07 -08:00
ConfluenceAudit ConfluenceAudit: fixing parser, connector json 2021-04-01 10:05:29 +03:00
CyberArk Removing locale from documentation link (#714) 2020-05-28 13:07:37 -07:00
CylancePROTECT revisions 2020-12-06 10:42:21 -08:00
Duo Security Move New Community Content to Proper Location 2021-06-10 10:41:18 -07:00
Exabeam exabeam - update parser 2021-03-18 15:56:42 +02:00
GWorkspaceReports 🧹 Fix typo in GWorkspaceActivityReports function 2021-07-08 11:02:31 +01:00
GitHub Fixed typo visability to visibility in GitHubAuditLog parser 2021-07-07 16:54:21 -07:00
InfobloxNIOS Updated client fix 2021-07-29 09:48:58 +05:30
JiraAudit JiraAudit: parser_function 2021-01-28 16:48:52 +02:00
JuniperSRX revisions 2020-11-19 15:19:10 -08:00
Logstash Typo fixes per PR review 2020-08-18 12:49:02 -07:00
MCAS MCASActivity Data Connector 2021-05-06 19:33:35 +00:00
Morphisec Morphiesc DataConnector (#1435) 2021-01-05 18:13:12 -08:00
NGINX Added NGINX data connector 2021-01-20 14:14:14 +02:00
Netskope Netskope Parser Function 2020-11-13 15:31:42 -08:00
OSSEC ossec - update parser and connector json 2021-03-25 12:39:08 +02:00
Onapsis Adding Onapsis Connector and Workbook (#1303) 2020-11-19 20:24:52 -08:00
OneLogin Removing locale from documentation link (#714) 2020-05-28 13:07:37 -07:00
OracleWebLogicServer oracle web logic server - fix parser instructions 2021-03-31 10:40:09 +03:00
ProofpointPOD Proofpoint POD Connector (#1293) 2020-11-20 17:30:04 -08:00
PulseConnectSecure Update PulseConnectSecure.txt 2020-11-11 08:50:26 -08:00
QualysKB revisions 2020-12-09 15:16:22 -08:00
SQLSever Update SQLServer_Parser.txt 2020-07-04 21:10:50 +05:30
SalesforceServiceCloud Salesforce Service Cloud Connector (#1292) 2020-11-16 19:31:20 -08:00
SentinelOne SentinelOne: Samples+ fixes 2021-03-30 15:40:18 +03:00
SophosXGFirewall ACNCD_DataConnectors_final (#767) 2020-07-07 15:25:53 -07:00
SquidProxy Squid Proxy Parser (#1232) 2020-11-17 15:00:02 -08:00
SymantecDLP ACN_CD_SymantecDLP_Parser01 (#1364) 2020-12-04 16:46:08 -08:00
SymantecEndpointProtection regex updates 2021-04-06 15:46:54 -07:00
SymantecProxySG ACNCD_AzureSentinel-DataConnectors (#706) 2020-06-05 14:14:23 -07:00
SymantecVIP ACNCD_AzureSentinel-DataConnectors (#706) 2020-06-05 14:14:23 -07:00
SyslogAUOMS Small bug fix for when auditd is installed 2020-04-17 14:05:36 +00:00
Sysmon Fixing a Typo for SysmonEvent13_RegistrySetValue function 2021-04-08 14:51:41 +02:00
Tomcat tomcat - fix parser 2021-03-24 11:42:28 +02:00
TrendMicro Update TrendMicroTippingPoint 2020-11-06 10:50:17 -06:00
VMwareESXi Update the function name from VMWareESXi to VMwareESXi (#1323) 2020-11-17 15:06:36 -08:00
WorkplaceFacebook WorkplaceFacebook: connector+parser+schema 2021-03-31 14:40:48 +03:00
ZPA zpa - update connector and parser 2021-06-08 17:17:21 +03:00
ZScaler Update ZScalerWeb_Parser.csl 2020-10-28 07:56:34 -04:00
ZoomReports ZoomReports: table, parser, sample 2021-03-22 16:23:57 +02:00
pfsense workbook, connector, parsers 2021-03-02 22:23:45 +00:00
AwsS3BucketAPILogsParser.txt Couple additional fixes 2021-02-01 08:22:36 -08:00
Cisco_ISEParser.txt added comments for locale 2020-09-25 11:42:02 -07:00
CommonSecurityLogs-AdditionalExtensionParser.txt Update CommonSecurityLogs-AdditionalExtensionParser.txt 2020-09-02 15:41:32 -07:00
Epic_Parser.csl Update Epic_Parser.csl 2020-07-16 09:03:02 -04:00
ForgeRockParser.txt Update ForgeRockParser.txt 2020-07-23 13:59:35 -07:00
KVPairExtraction Update KVPairExtraction 2021-03-24 21:37:05 -07:00
Netscaler_parser.csl Update Netscaler_parser.csl 2020-07-17 08:38:41 -04:00
OneIdentity_Safeguard.txt Update OneIdentity_Safeguard.txt 2021-05-06 08:42:24 -07:00
PAN_Parser.csl Cleaned up some fields 2020-07-29 09:09:03 -04:00
Readme Update Readme 2021-01-19 21:07:07 -08:00
RemoteDesktopServices-RdpCoreTS-parser.txt Locale removed in URL 2020-05-29 09:39:03 +02:00
Teams_parser.txt Removing locale from documentation link (#714) 2020-05-28 13:07:37 -07:00
WatchGuardFirebox.txt Align WatchGuard parser to Azure Sentinel CIM 2021-06-14 23:07:57 +01:00
Zoom_parser.txt Removing locale from documentation link (#714) 2020-05-28 13:07:37 -07:00
bind9_syslog.txt bind9 parser comment fixes 2020-10-23 13:14:39 -05:00
squid_parser.txt Removing locale from documentation link (#714) 2020-05-28 13:07:37 -07:00

Readme

For details on creating a parser, see the contribution guidance: https://github.com/Azure/Azure-Sentinel/wiki/Contribute-to-Sentinel-GitHub-Community-of-Queries#example-parser