February 24th, 2026 - Content Release

  • This content release includes:
    • Added MITRE ATLAS Tactics and Techniques to tag schema for improved attack pattern classification and detection rule development.
    • Expanded Ubiquiti Unifi network visibility with 7 new log mappers and parser enhancements covering process execution, DHCP events, DNS queries, and general network traffic.
    • Enhanced field mappings and parsing for email security, web traffic analysis, and authentication monitoring:
      • Abnormal Security threat detection now captures email metadata, sender/recipient details, and threat categorization.
      • Netskope web transactions include network connection details, file hashes, and error context.
      • Okta Active Directory authentication events provide standardized user identification.

Additional changes are enumerated below.

Log Mappers

  • [New] Unifi - Process Cron - Command Execution
  • [New] Unifi - Process sudo - Superuser Do Command Execution
  • [New] Unifi DHCP ACK Event
  • [New] Unifi DHCP Offer Event
  • [New] Unifi DHCP Request and DHCP DISCOVER Event
  • [New] Unifi DNS Network Event
  • [New] Unifi Network Event
  • [Updated] Abnormal Security Threats
  • [Updated] Netskope - WebTx Events
  • [Updated] Okta Authentication - auth_via_AD_agent
  • [Updated] Unifi Catch All
  • [Updated] Unifi HTTP Request Logs

Parsers

  • [Updated] /Parsers/System/Abnormal Security/Abnormal Security
  • [Updated] /Parsers/System/Netskope/Netskope WebTx
  • [Updated] /Parsers/System/Okta/Okta
  • [Updated] /Parsers/System/Ubiquiti/Ubiquiti Unifi

Copyright © 2026 by Sumo Logic, Inc.