March 12th, 2026 - Content Release

This content release includes:

  • New Cloudflare DNS event visibility with a dedicated log mapper and enhanced parser support for DNS query logging.
  • Improved Infoblox DHCP event handling with updated field mappings and additional timestamp format support.
  • Refined detection logic for Office 365 MailItemsAccessed events, which now uses global baselines for more accurate first-seen analysis.
  • Performance optimization for the Windows critical service monitoring rule.

Additional changes are enumerated below.

Rules

  • [Updated] FIRST-S00044 First Seen AppID Generating MailItemsAccessed Event from User
  • [Updated] MATCH-S00521 Windows - Critical Service Disabled via Command Line

Log Mappers

  • [New] Cloudflare - DNS Events
  • [Updated] Infoblox DDI - DHCP

Parsers

  • [Updated] /Parsers/System/Cisco/Cisco ASA
  • [Updated] /Parsers/System/Cloudflare/Cloudflare Logpush
  • [Updated] /Parsers/System/Infoblox/Infoblox
  • [Updated] /Parsers/System/Linux/Linux OS Syslog

Copyright © 2026 by Sumo Logic, Inc.