From ec7eeded58739ebcd46868ada3822a87f6b0c8fe Mon Sep 17 00:00:00 2001 From: patel-bhavin <7771446+patel-bhavin@users.noreply.github.com> Date: Sat, 7 Feb 2026 07:09:03 +0000 Subject: [PATCH] Updated TAs --- contentctl.yml | 4 ++-- data_sources/cisco_ai_defense_alerts.yml | 2 +- data_sources/cisco_asa_logs.yml | 2 +- data_sources/cisco_duo_activity.yml | 2 +- data_sources/cisco_duo_administrator.yml | 2 +- data_sources/cisco_isovalent_process_connect.yml | 2 +- data_sources/cisco_isovalent_process_exec.yml | 2 +- data_sources/cisco_isovalent_process_kprobe.yml | 2 +- .../cisco_secure_firewall_threat_defense_connection_event.yml | 2 +- .../cisco_secure_firewall_threat_defense_file_event.yml | 2 +- .../cisco_secure_firewall_threat_defense_intrusion_event.yml | 2 +- 11 files changed, 12 insertions(+), 12 deletions(-) diff --git a/contentctl.yml b/contentctl.yml index 7d316ccccf..be57136772 100644 --- a/contentctl.yml +++ b/contentctl.yml @@ -44,9 +44,9 @@ apps: - uid: 7404 title: Cisco Security Cloud appid: CiscoSecurityCloud - version: 3.5.3 + version: 3.6.0 description: description of app - hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_353.tgz + hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_360.tgz - uid: 6652 title: Add-on for Linux Sysmon appid: Splunk_TA_linux_sysmon diff --git a/data_sources/cisco_ai_defense_alerts.yml b/data_sources/cisco_ai_defense_alerts.yml index 75551eb9f8..e41f8c6495 100644 --- a/data_sources/cisco_ai_defense_alerts.yml +++ b/data_sources/cisco_ai_defense_alerts.yml @@ -10,5 +10,5 @@ separator: null supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: null diff --git a/data_sources/cisco_asa_logs.yml b/data_sources/cisco_asa_logs.yml index 4622631ffc..f2cc78f938 100644 --- a/data_sources/cisco_asa_logs.yml +++ b/data_sources/cisco_asa_logs.yml @@ -21,7 +21,7 @@ separator: null supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - Cisco_ASA_action - Cisco_ASA_message_id diff --git a/data_sources/cisco_duo_activity.yml b/data_sources/cisco_duo_activity.yml index 1667cfc1d6..0fbbde83e3 100644 --- a/data_sources/cisco_duo_activity.yml +++ b/data_sources/cisco_duo_activity.yml @@ -10,7 +10,7 @@ separator: null supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - access_device.browser - access_device.browser_version diff --git a/data_sources/cisco_duo_administrator.yml b/data_sources/cisco_duo_administrator.yml index 7b69408bb6..26480d5012 100644 --- a/data_sources/cisco_duo_administrator.yml +++ b/data_sources/cisco_duo_administrator.yml @@ -10,7 +10,7 @@ separator: null supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - action - actionlabel diff --git a/data_sources/cisco_isovalent_process_connect.yml b/data_sources/cisco_isovalent_process_connect.yml index 619a219161..1fc90930d9 100644 --- a/data_sources/cisco_isovalent_process_connect.yml +++ b/data_sources/cisco_isovalent_process_connect.yml @@ -13,7 +13,7 @@ sourcetype: cisco:isovalent:processConnect supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - _time - app diff --git a/data_sources/cisco_isovalent_process_exec.yml b/data_sources/cisco_isovalent_process_exec.yml index 932338d2bd..dd9ffdfc40 100644 --- a/data_sources/cisco_isovalent_process_exec.yml +++ b/data_sources/cisco_isovalent_process_exec.yml @@ -10,7 +10,7 @@ sourcetype: cisco:isovalent:processExec supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - _time - cluster_name diff --git a/data_sources/cisco_isovalent_process_kprobe.yml b/data_sources/cisco_isovalent_process_kprobe.yml index 480d399802..5790747450 100644 --- a/data_sources/cisco_isovalent_process_kprobe.yml +++ b/data_sources/cisco_isovalent_process_kprobe.yml @@ -12,7 +12,7 @@ sourcetype: cisco:isovalent supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - _time - app diff --git a/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml b/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml index 4d2ffaff06..abf9da83b8 100644 --- a/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml +++ b/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml @@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - AC_RuleAction - action diff --git a/data_sources/cisco_secure_firewall_threat_defense_file_event.yml b/data_sources/cisco_secure_firewall_threat_defense_file_event.yml index a9e3ffaec3..ec04b615a6 100644 --- a/data_sources/cisco_secure_firewall_threat_defense_file_event.yml +++ b/data_sources/cisco_secure_firewall_threat_defense_file_event.yml @@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - app - Application diff --git a/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml b/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml index 02c0b2cecf..5c9def09d0 100644 --- a/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml +++ b/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml @@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer supported_TA: - name: Cisco Security Cloud url: https://splunkbase.splunk.com/app/7404 - version: 3.5.3 + version: 3.6.0 fields: - Application - Classification