February 9th, 2026 - Content Release

February 9, 2026

This content release includes:

New support for OpenAI and Anthropic Claude Code audit logging to monitor AI platform usage, API key lifecycle, and organizational access.
New support for Akamai Noname API Security threat detection and analysis.
Enhanced CrowdStrike Falcon detection coverage including XDR events, automated lead summaries, and data protection alerts.
Standardized device IP field mappings across Cisco ASA log mappers for improved asset correlation.

Additional changes are enumerated below.

[Updated] MATCH-S00521 Windows - Critical Service Disabled via Command Line. Updated detection expression for improved query performance.

[New] Akamai Noname API Security Insight Log
[New] Anthropic Claude Code - api_request|api_error|user_prompt|tool_result|tool_decision
[New] Anthropic Claude Code Catch All
[New] CrowdStrike Alert - All Detections
[New] CrowdStrike Falcon - AutomatedLeadSummaryEvent|XdrDetectionSummaryEvent
[New] CrowdStrike Falcon - DataProtectionDetectionSummaryEvent
[New] OpenAI Audit - API Key Events
[New] OpenAI Audit - Invite Events
[New] OpenAI Audit - Login Events
[New] OpenAI Audit - Organization Events
[New] OpenAI Audit - Project Events
[New] OpenAI Audit - Role Assignment Events
[New] OpenAI Audit - Role Events
[New] OpenAI Audit - Service Account Events
[New] OpenAI Audit - User Management Events
[New] OpenAI Audit - Workflow Events
[New] OpenAI Audit Catch All
[Updated] Cisco ASA 106001 JSON
[Updated] Cisco ASA 106102-3 JSON
[Updated] Cisco ASA 109201|109207|113022
[Updated] Cisco ASA 4180(18|19|44)
[Updated] Cisco ASA 609002 JSON
[Updated] Cisco ASA 713172 JSON
[Updated] Cisco ASA 713nnn JSON
[Updated] Cisco ASA 716039 JSON
[Updated] Cisco ASA 716059 JSON
[Updated] Cisco ASA 725016|771002
[Updated] Cisco ASA 733100|734001|737005|737017|737036|737029|746014|746015|746016 JSON
[Updated] Cisco Umbrella DNS Logs
[Updated] Unifi HTTP Request Logs