If you didn't catch Saket's update about Log Parsers, be sure to look at all the improvements they made. Here's the January roll-up of the new detection capabilities added via Live.
Parsers
- PVID
- CustomTCP
- Lua Mail Options file
- rekaf
- Cerber
- Updates to the DynDNS parser
Feed Additions
- Grizzly Steppe
- Locky
- Cerber
- Schoolbell
- Kingslayer
- Tox Supernode
Reports
- Added Tox traffic to the 'Encrypted Traffic' report