diff --git a/contentctl.yml b/contentctl.yml
index 7b46211ee6..a6033dc97e 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -44,9 +44,9 @@ apps:
 - uid: 7404
 title: Cisco Security Cloud
 appid: CiscoSecurityCloud
- version: 3.6.3
+ version: 3.6.4
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_363.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_364.tgz
 - uid: 6652
 title: Add-on for Linux Sysmon
 appid: Splunk_TA_linux_sysmon
@@ -65,9 +65,9 @@ apps:
 - uid: 742
 title: Splunk Add-on for Microsoft Windows
 appid: SPLUNK_ADD_ON_FOR_MICROSOFT_WINDOWS
- version: 9.1.2
+ version: 10.0.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-windows_912.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-windows_1000.tgz
 - uid: 5709
 title: Splunk Add-on for Sysmon
 appid: Splunk_TA_microsoft_sysmon
@@ -161,15 +161,15 @@ apps:
 - uid: 3110
 title: Splunk Add-on for Microsoft Cloud Services
 appid: SPLUNK_TA_MICROSOFT_CLOUD_SERVICES
- version: 6.1.0
+ version: 6.1.1
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-cloud-services_610.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-cloud-services_611.tgz
 - uid: 4055
 title: Splunk Add-on for Microsoft Office 365
 appid: SPLUNK_ADD_ON_FOR_MICROSOFT_OFFICE_365
- version: 5.1.0
+ version: 6.0.1
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_510.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_601.tgz
 - uid: 5518
 title: Splunk add on for Microsoft Defender Advanced Hunting
 appid: SPLUNK_ADD_ON_FOR_MICROSOFT_DEFENDER_ADVANCED_HUNTING
diff --git a/data_sources/azure_active_directory.yml b/data_sources/azure_active_directory.yml
index cc4e50dddd..6a00b39f1e 100644
--- a/data_sources/azure_active_directory.yml
+++ b/data_sources/azure_active_directory.yml
@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 output_fields:
 - dest
 - user
diff --git a/data_sources/azure_active_directory_add_app_role_assignment_to_service_principal.yml b/data_sources/azure_active_directory_add_app_role_assignment_to_service_principal.yml
index e297eb5a27..5bc33b6253 100644
--- a/data_sources/azure_active_directory_add_app_role_assignment_to_service_principal.yml
+++ b/data_sources/azure_active_directory_add_app_role_assignment_to_service_principal.yml
@@ -18,7 +18,7 @@ separator_value: Add app role assignment to service principal
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_add_member_to_role.yml b/data_sources/azure_active_directory_add_member_to_role.yml
index 78fafcc82b..35b1ae85fa 100644
--- a/data_sources/azure_active_directory_add_member_to_role.yml
+++ b/data_sources/azure_active_directory_add_member_to_role.yml
@@ -18,7 +18,7 @@ separator_value: Add member to role
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_add_owner_to_application.yml b/data_sources/azure_active_directory_add_owner_to_application.yml
index f938018d99..96e4a2035f 100644
--- a/data_sources/azure_active_directory_add_owner_to_application.yml
+++ b/data_sources/azure_active_directory_add_owner_to_application.yml
@@ -18,7 +18,7 @@ separator_value: Add owner to application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_add_service_principal.yml b/data_sources/azure_active_directory_add_service_principal.yml
index 56b97e062e..6b9f9f456c 100644
--- a/data_sources/azure_active_directory_add_service_principal.yml
+++ b/data_sources/azure_active_directory_add_service_principal.yml
@@ -18,7 +18,7 @@ separator_value: Add service principal
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_add_unverified_domain.yml b/data_sources/azure_active_directory_add_unverified_domain.yml
index 76e16cdd2d..32626c5aa9 100644
--- a/data_sources/azure_active_directory_add_unverified_domain.yml
+++ b/data_sources/azure_active_directory_add_unverified_domain.yml
@@ -17,7 +17,7 @@ separator_value: Add unverified domain
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_consent_to_application.yml b/data_sources/azure_active_directory_consent_to_application.yml
index 307374437f..ec658594bd 100644
--- a/data_sources/azure_active_directory_consent_to_application.yml
+++ b/data_sources/azure_active_directory_consent_to_application.yml
@@ -18,7 +18,7 @@ separator_value: Consent to application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_disable_strong_authentication.yml b/data_sources/azure_active_directory_disable_strong_authentication.yml
index f280a63cbb..337333172f 100644
--- a/data_sources/azure_active_directory_disable_strong_authentication.yml
+++ b/data_sources/azure_active_directory_disable_strong_authentication.yml
@@ -16,7 +16,7 @@ separator_value: Disable Strong Authentication
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_enable_account.yml b/data_sources/azure_active_directory_enable_account.yml
index a65079bbfa..4d655dbf44 100644
--- a/data_sources/azure_active_directory_enable_account.yml
+++ b/data_sources/azure_active_directory_enable_account.yml
@@ -15,7 +15,7 @@ separator_value: Enable account
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_invite_external_user.yml b/data_sources/azure_active_directory_invite_external_user.yml
index 1c664c6534..fea61f37aa 100644
--- a/data_sources/azure_active_directory_invite_external_user.yml
+++ b/data_sources/azure_active_directory_invite_external_user.yml
@@ -16,7 +16,7 @@ separator_value: Invite external user
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_microsoftgraphactivitylogs.yml b/data_sources/azure_active_directory_microsoftgraphactivitylogs.yml
index d14b21a5e2..f00ce2323f 100644
--- a/data_sources/azure_active_directory_microsoftgraphactivitylogs.yml
+++ b/data_sources/azure_active_directory_microsoftgraphactivitylogs.yml
@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 example_log: '{"time": "2024-04-30T01:22:46.4948958Z", "resourceId": "/TENANTS/225E05A1-5914-4688-A404-7030E60F3143/PROVIDERS/MICROSOFT.AADIAM",
diff --git a/data_sources/azure_active_directory_noninteractiveusersigninlogs.yml b/data_sources/azure_active_directory_noninteractiveusersigninlogs.yml
index e9bb1f79fb..2b0180bf69 100644
--- a/data_sources/azure_active_directory_noninteractiveusersigninlogs.yml
+++ b/data_sources/azure_active_directory_noninteractiveusersigninlogs.yml
@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - action
 - additional_details
diff --git a/data_sources/azure_active_directory_reset_password_(by_admin).yml b/data_sources/azure_active_directory_reset_password_(by_admin).yml
index d2a0e08a13..13a089b491 100644
--- a/data_sources/azure_active_directory_reset_password_(by_admin).yml
+++ b/data_sources/azure_active_directory_reset_password_(by_admin).yml
@@ -16,7 +16,7 @@ separator_value: Reset password (by admin)
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_set_domain_authentication.yml b/data_sources/azure_active_directory_set_domain_authentication.yml
index cdf0e2b189..d7827e8ef0 100644
--- a/data_sources/azure_active_directory_set_domain_authentication.yml
+++ b/data_sources/azure_active_directory_set_domain_authentication.yml
@@ -16,7 +16,7 @@ separator_value: Set domain authentication
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_sign_in_activity.yml b/data_sources/azure_active_directory_sign_in_activity.yml
index a0095fcef7..670fc671b0 100644
--- a/data_sources/azure_active_directory_sign_in_activity.yml
+++ b/data_sources/azure_active_directory_sign_in_activity.yml
@@ -16,7 +16,7 @@ separator_value: Sign-in activity
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_update_application.yml b/data_sources/azure_active_directory_update_application.yml
index f723bea62a..237f09bd7d 100644
--- a/data_sources/azure_active_directory_update_application.yml
+++ b/data_sources/azure_active_directory_update_application.yml
@@ -16,7 +16,7 @@ separator_value: Update application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_update_authorization_policy.yml b/data_sources/azure_active_directory_update_authorization_policy.yml
index f0e0c7fb5f..b21575ad7a 100644
--- a/data_sources/azure_active_directory_update_authorization_policy.yml
+++ b/data_sources/azure_active_directory_update_authorization_policy.yml
@@ -16,7 +16,7 @@ separator_value: Update authorization policy
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_update_user.yml b/data_sources/azure_active_directory_update_user.yml
index 56e026cf7b..f35576f14d 100644
--- a/data_sources/azure_active_directory_update_user.yml
+++ b/data_sources/azure_active_directory_update_user.yml
@@ -14,7 +14,7 @@ separator_value: Update user
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_active_directory_user_registered_security_info.yml b/data_sources/azure_active_directory_user_registered_security_info.yml
index 4503dadc7f..53e80c4a15 100644
--- a/data_sources/azure_active_directory_user_registered_security_info.yml
+++ b/data_sources/azure_active_directory_user_registered_security_info.yml
@@ -15,7 +15,7 @@ separator_value: User registered security info
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - Level
diff --git a/data_sources/azure_audit_create_or_update_an_azure_automation_account.yml b/data_sources/azure_audit_create_or_update_an_azure_automation_account.yml
index 304f8a3fc4..ccde445043 100644
--- a/data_sources/azure_audit_create_or_update_an_azure_automation_account.yml
+++ b/data_sources/azure_audit_create_or_update_an_azure_automation_account.yml
@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation account
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - authorization.action
diff --git a/data_sources/azure_audit_create_or_update_an_azure_automation_runbook.yml b/data_sources/azure_audit_create_or_update_an_azure_automation_runbook.yml
index cac7a56509..faf3d19ac2 100644
--- a/data_sources/azure_audit_create_or_update_an_azure_automation_runbook.yml
+++ b/data_sources/azure_audit_create_or_update_an_azure_automation_runbook.yml
@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation Runbook
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - authorization.action
diff --git a/data_sources/azure_audit_create_or_update_an_azure_automation_webhook.yml b/data_sources/azure_audit_create_or_update_an_azure_automation_webhook.yml
index 95beb13f6e..6dd735705e 100644
--- a/data_sources/azure_audit_create_or_update_an_azure_automation_webhook.yml
+++ b/data_sources/azure_audit_create_or_update_an_azure_automation_webhook.yml
@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation webhook
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - _time
 - authorization.action
diff --git a/data_sources/azure_monitor_activity.yml b/data_sources/azure_monitor_activity.yml
index 13c8a8a817..8273e6ac84 100644
--- a/data_sources/azure_monitor_activity.yml
+++ b/data_sources/azure_monitor_activity.yml
@@ -13,7 +13,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
 url: https://splunkbase.splunk.com/app/3110
- version: 6.1.0
+ version: 6.1.1
 fields:
 - column
 - action
diff --git a/data_sources/cisco_ai_defense_alerts.yml b/data_sources/cisco_ai_defense_alerts.yml
index 185368d248..8383d55b3e 100644
--- a/data_sources/cisco_ai_defense_alerts.yml
+++ b/data_sources/cisco_ai_defense_alerts.yml
@@ -10,5 +10,5 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields: null
diff --git a/data_sources/cisco_asa_logs.yml b/data_sources/cisco_asa_logs.yml
index 8b1f3f3f84..8e5e6d83b0 100644
--- a/data_sources/cisco_asa_logs.yml
+++ b/data_sources/cisco_asa_logs.yml
@@ -21,7 +21,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - Cisco_ASA_action
 - Cisco_ASA_message_id
diff --git a/data_sources/cisco_duo_activity.yml b/data_sources/cisco_duo_activity.yml
index 04edd15118..07af680434 100644
--- a/data_sources/cisco_duo_activity.yml
+++ b/data_sources/cisco_duo_activity.yml
@@ -10,7 +10,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - access_device.browser
 - access_device.browser_version
diff --git a/data_sources/cisco_duo_administrator.yml b/data_sources/cisco_duo_administrator.yml
index 47efc5e28f..6ea9977510 100644
--- a/data_sources/cisco_duo_administrator.yml
+++ b/data_sources/cisco_duo_administrator.yml
@@ -10,7 +10,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - action
 - actionlabel
diff --git a/data_sources/cisco_isovalent_process_connect.yml b/data_sources/cisco_isovalent_process_connect.yml
index 90212a823a..0ce1955728 100644
--- a/data_sources/cisco_isovalent_process_connect.yml
+++ b/data_sources/cisco_isovalent_process_connect.yml
@@ -13,7 +13,7 @@ sourcetype: cisco:isovalent:processConnect
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - _time
 - app
diff --git a/data_sources/cisco_isovalent_process_exec.yml b/data_sources/cisco_isovalent_process_exec.yml
index 83db37c574..dfa11a9732 100644
--- a/data_sources/cisco_isovalent_process_exec.yml
+++ b/data_sources/cisco_isovalent_process_exec.yml
@@ -10,7 +10,7 @@ sourcetype: cisco:isovalent:processExec
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - _time
 - cluster_name
diff --git a/data_sources/cisco_isovalent_process_kprobe.yml b/data_sources/cisco_isovalent_process_kprobe.yml
index 2efacde64d..dd1589d64e 100644
--- a/data_sources/cisco_isovalent_process_kprobe.yml
+++ b/data_sources/cisco_isovalent_process_kprobe.yml
@@ -12,7 +12,7 @@ sourcetype: cisco:isovalent
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - _time
 - app
diff --git a/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml b/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml
index 3ed63d4272..86197dc93a 100644
--- a/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml
+++ b/data_sources/cisco_secure_firewall_threat_defense_connection_event.yml
@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - AC_RuleAction
 - action
diff --git a/data_sources/cisco_secure_firewall_threat_defense_file_event.yml b/data_sources/cisco_secure_firewall_threat_defense_file_event.yml
index acbea9461b..f85878a232 100644
--- a/data_sources/cisco_secure_firewall_threat_defense_file_event.yml
+++ b/data_sources/cisco_secure_firewall_threat_defense_file_event.yml
@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - app
 - Application
diff --git a/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml b/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml
index 0cc0593a8f..6339501445 100644
--- a/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml
+++ b/data_sources/cisco_secure_firewall_threat_defense_intrusion_event.yml
@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
 url: https://splunkbase.splunk.com/app/7404
- version: 3.6.3
+ version: 3.6.4
 fields:
 - Application
 - Classification
diff --git a/data_sources/m365_copilot_graph_api.yml b/data_sources/m365_copilot_graph_api.yml
index 881d18418b..9b1a8e3d86 100644
--- a/data_sources/m365_copilot_graph_api.yml
+++ b/data_sources/m365_copilot_graph_api.yml
@@ -9,7 +9,7 @@ sourcetype: o365:graph:api
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - appDisplayName
 - appId
diff --git a/data_sources/ntlm_operational_8004.yml b/data_sources/ntlm_operational_8004.yml
index 3641963ef2..efada682ad 100644
--- a/data_sources/ntlm_operational_8004.yml
+++ b/data_sources/ntlm_operational_8004.yml
@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - CategoryString
 - Channel
diff --git a/data_sources/ntlm_operational_8005.yml b/data_sources/ntlm_operational_8005.yml
index 2b5a5daa9b..ce435c8f1f 100644
--- a/data_sources/ntlm_operational_8005.yml
+++ b/data_sources/ntlm_operational_8005.yml
@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - CategoryString
 - Channel
diff --git a/data_sources/ntlm_operational_8006.yml b/data_sources/ntlm_operational_8006.yml
index 58092eeee2..e1daf6ad73 100644
--- a/data_sources/ntlm_operational_8006.yml
+++ b/data_sources/ntlm_operational_8006.yml
@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - CategoryString
 - Channel
diff --git a/data_sources/o365.yml b/data_sources/o365.yml
index 03f61a1376..af631da5c8 100644
--- a/data_sources/o365.yml
+++ b/data_sources/o365.yml
@@ -17,4 +17,4 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
diff --git a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
index 436b5ab3bb..43032d79ab 100644
--- a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
+++ b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
@@ -17,7 +17,7 @@ separator_value: Add app role assignment grant to user.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
index 3a9270ebac..7c942dfe54 100644
--- a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
+++ b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
@@ -18,7 +18,7 @@ separator_value: Add app role assignment to service principal.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_mailboxpermission.yml b/data_sources/o365_add_mailboxpermission.yml
index dca5361974..db1ea39680 100644
--- a/data_sources/o365_add_mailboxpermission.yml
+++ b/data_sources/o365_add_mailboxpermission.yml
@@ -18,7 +18,7 @@ separator_value: Add-MailboxPermission
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - AccessRights
diff --git a/data_sources/o365_add_member_to_role_.yml b/data_sources/o365_add_member_to_role_.yml
index fa40d406f4..1296a2aef7 100644
--- a/data_sources/o365_add_member_to_role_.yml
+++ b/data_sources/o365_add_member_to_role_.yml
@@ -17,7 +17,7 @@ separator_value: Add member to role.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_owner_to_application_.yml b/data_sources/o365_add_owner_to_application_.yml
index a20f529600..1d452fd23f 100644
--- a/data_sources/o365_add_owner_to_application_.yml
+++ b/data_sources/o365_add_owner_to_application_.yml
@@ -18,7 +18,7 @@ separator_value: Add owner to application.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_service_principal_.yml b/data_sources/o365_add_service_principal_.yml
index adc6f0d509..aa5f655fcc 100644
--- a/data_sources/o365_add_service_principal_.yml
+++ b/data_sources/o365_add_service_principal_.yml
@@ -17,7 +17,7 @@ separator_value: Add service principal.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_change_user_license_.yml b/data_sources/o365_change_user_license_.yml
index 48f0a086a6..df8f93cbf9 100644
--- a/data_sources/o365_change_user_license_.yml
+++ b/data_sources/o365_change_user_license_.yml
@@ -17,7 +17,7 @@ separator_value: Change user license.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_consent_to_application_.yml b/data_sources/o365_consent_to_application_.yml
index ddd21e04aa..68c361db6a 100644
--- a/data_sources/o365_consent_to_application_.yml
+++ b/data_sources/o365_consent_to_application_.yml
@@ -18,7 +18,7 @@ separator_value: Consent to application.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_disable_strong_authentication_.yml b/data_sources/o365_disable_strong_authentication_.yml
index f81dc24d3a..6b41c462a1 100644
--- a/data_sources/o365_disable_strong_authentication_.yml
+++ b/data_sources/o365_disable_strong_authentication_.yml
@@ -18,7 +18,7 @@ separator_value: Disable Strong Authentication.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_mailitemsaccessed.yml b/data_sources/o365_mailitemsaccessed.yml
index 77a3f6d0e2..540f7cb008 100644
--- a/data_sources/o365_mailitemsaccessed.yml
+++ b/data_sources/o365_mailitemsaccessed.yml
@@ -17,7 +17,7 @@ separator_value: MailItemsAccessed
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_modifyfolderpermissions.yml b/data_sources/o365_modifyfolderpermissions.yml
index a3d751a679..88ce5d0f33 100644
--- a/data_sources/o365_modifyfolderpermissions.yml
+++ b/data_sources/o365_modifyfolderpermissions.yml
@@ -17,7 +17,7 @@ separator_value: ModifyFolderPermissions
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_set_company_information_.yml b/data_sources/o365_set_company_information_.yml
index 72fa1cbb4d..73f36e5f67 100644
--- a/data_sources/o365_set_company_information_.yml
+++ b/data_sources/o365_set_company_information_.yml
@@ -17,7 +17,7 @@ separator_value: Set Company Information.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_set_mailbox.yml b/data_sources/o365_set_mailbox.yml
index c0292f9a14..ed62007f8a 100644
--- a/data_sources/o365_set_mailbox.yml
+++ b/data_sources/o365_set_mailbox.yml
@@ -17,7 +17,7 @@ separator_value: Set-Mailbox
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_update_application_.yml b/data_sources/o365_update_application_.yml
index 55313831fb..2945ea5556 100644
--- a/data_sources/o365_update_application_.yml
+++ b/data_sources/o365_update_application_.yml
@@ -17,7 +17,7 @@ separator_value: Update application.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_authorization_policy_.yml b/data_sources/o365_update_authorization_policy_.yml
index 15e3a2c1de..2c185bf6d2 100644
--- a/data_sources/o365_update_authorization_policy_.yml
+++ b/data_sources/o365_update_authorization_policy_.yml
@@ -17,7 +17,7 @@ separator_value: Update authorization policy.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_user_.yml b/data_sources/o365_update_user_.yml
index 53ab87722e..25f55a5bf9 100644
--- a/data_sources/o365_update_user_.yml
+++ b/data_sources/o365_update_user_.yml
@@ -17,7 +17,7 @@ separator_value: Update user.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloggedin.yml b/data_sources/o365_userloggedin.yml
index a60637d473..4fe924e775 100644
--- a/data_sources/o365_userloggedin.yml
+++ b/data_sources/o365_userloggedin.yml
@@ -17,7 +17,7 @@ separator_value: UserLoggedIn
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloginfailed.yml b/data_sources/o365_userloginfailed.yml
index fcb91f1040..d36c54dbeb 100644
--- a/data_sources/o365_userloginfailed.yml
+++ b/data_sources/o365_userloginfailed.yml
@@ -17,7 +17,7 @@ separator_value: UserLoginFailed
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/office_365_reporting_message_trace.yml b/data_sources/office_365_reporting_message_trace.yml
index b920f9d2f6..c6991446c5 100644
--- a/data_sources/office_365_reporting_message_trace.yml
+++ b/data_sources/office_365_reporting_message_trace.yml
@@ -10,7 +10,7 @@ separator: Organization
 supported_TA:
 - name: Splunk Microsoft Office 365 Add-on
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - FromIP
 - Index
diff --git a/data_sources/office_365_universal_audit_log.yml b/data_sources/office_365_universal_audit_log.yml
index 52f1f93673..cc31d06a65 100644
--- a/data_sources/office_365_universal_audit_log.yml
+++ b/data_sources/office_365_universal_audit_log.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Microsoft Office 365 Add-on
 url: https://splunkbase.splunk.com/app/4055
- version: 5.1.0
+ version: 6.0.1
 fields:
 - _time
 example_log: ''
diff --git a/data_sources/powershell_script_block_logging_4104.yml b/data_sources/powershell_script_block_logging_4104.yml
index f4866dd9cd..c54aa3fda2 100644
--- a/data_sources/powershell_script_block_logging_4104.yml
+++ b/data_sources/powershell_script_block_logging_4104.yml
@@ -18,7 +18,7 @@ separator_value: '4104'
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - _time
 - ActivityID
diff --git a/data_sources/splunk_common_information_model_(cim).yml b/data_sources/splunk_common_information_model_(cim).yml
index 09d6d97aa1..f2a21d2c73 100644
--- a/data_sources/splunk_common_information_model_(cim).yml
+++ b/data_sources/splunk_common_information_model_(cim).yml
@@ -9,4 +9,4 @@ sourcetype: not_applicable
 supported_TA:
 - name: Splunk Common Information Model (CIM)
 url: https://splunkbase.splunk.com/app/1621
- version: 6.4.0
+ version: 8.5.0
diff --git a/data_sources/windows_active_directory_admon.yml b/data_sources/windows_active_directory_admon.yml
index 72ccbd68bd..a0932f0cac 100644
--- a/data_sources/windows_active_directory_admon.yml
+++ b/data_sources/windows_active_directory_admon.yml
@@ -16,7 +16,7 @@ sourcetype: ActiveDirectory
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - _time
 - Guid
diff --git a/data_sources/windows_event_log_application_15457.yml b/data_sources/windows_event_log_application_15457.yml
index c9dd2602e0..667d19949c 100644
--- a/data_sources/windows_event_log_application_15457.yml
+++ b/data_sources/windows_event_log_application_15457.yml
@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - CategoryString
 - Channel
diff --git a/data_sources/windows_event_log_application_17135.yml b/data_sources/windows_event_log_application_17135.yml
index 16983b806c..53b4e1fcab 100644
--- a/data_sources/windows_event_log_application_17135.yml
+++ b/data_sources/windows_event_log_application_17135.yml
@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
 url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
 fields:
 - CategoryString
 - Channel
diff --git a/data_sources/windows_event_log_application_2282.yml b/data_sources/windows_event_log_application_2282.yml
index 0c958ba4cb..57ef69fbb1 100644
--- a/data_sources/windows_event_log_application_2282.yml
+++ b/data_sources/windows_event_log_application_2282.yml
@@ -16,7 +16,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_application_3000.yml b/data_sources/windows_event_log_application_3000.yml
index 0aeb0bcfe6..e94d1b004c 100644
--- a/data_sources/windows_event_log_application_3000.yml
+++ b/data_sources/windows_event_log_application_3000.yml
@@ -17,7 +17,7 @@ separator_value: '3000'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_application_8128.yml b/data_sources/windows_event_log_application_8128.yml
index bb590e3047..2a4e7dd2ea 100644
--- a/data_sources/windows_event_log_application_8128.yml
+++ b/data_sources/windows_event_log_application_8128.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_appxdeployment_server_400.yml b/data_sources/windows_event_log_appxdeployment_server_400.yml
index d549942965..a3a74488fb 100644
--- a/data_sources/windows_event_log_appxdeployment_server_400.yml
+++ b/data_sources/windows_event_log_appxdeployment_server_400.yml
@@ -27,7 +27,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_appxdeployment_server_854.yml b/data_sources/windows_event_log_appxdeployment_server_854.yml
index c0d76326ac..ea8bcc4e5e 100644
--- a/data_sources/windows_event_log_appxdeployment_server_854.yml
+++ b/data_sources/windows_event_log_appxdeployment_server_854.yml
@@ -26,7 +26,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_appxdeployment_server_855.yml b/data_sources/windows_event_log_appxdeployment_server_855.yml
index 56ad346a05..f9d7657cdd 100644
--- a/data_sources/windows_event_log_appxdeployment_server_855.yml
+++ b/data_sources/windows_event_log_appxdeployment_server_855.yml
@@ -26,7 +26,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_appxpackaging_171.yml b/data_sources/windows_event_log_appxpackaging_171.yml
index e11b460455..7b9253476e 100644
--- a/data_sources/windows_event_log_appxpackaging_171.yml
+++ b/data_sources/windows_event_log_appxpackaging_171.yml
@@ -27,7 +27,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_capi2_70.yml b/data_sources/windows_event_log_capi2_70.yml
index e96317873f..3e81989d92 100644
--- a/data_sources/windows_event_log_capi2_70.yml
+++ b/data_sources/windows_event_log_capi2_70.yml
@@ -18,7 +18,7 @@ separator_value: '70'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_capi2_81.yml b/data_sources/windows_event_log_capi2_81.yml
index 7228eb20ca..791e30f074 100644
--- a/data_sources/windows_event_log_capi2_81.yml
+++ b/data_sources/windows_event_log_capi2_81.yml
@@ -18,7 +18,7 @@ separator_value: '81'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_certificateservicesclient_1007.yml b/data_sources/windows_event_log_certificateservicesclient_1007.yml
index 317658a410..40fb55dbfa 100644
--- a/data_sources/windows_event_log_certificateservicesclient_1007.yml
+++ b/data_sources/windows_event_log_certificateservicesclient_1007.yml
@@ -18,7 +18,7 @@ separator_value: '1007'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_defender_1121.yml b/data_sources/windows_event_log_defender_1121.yml
index 83e8b160c2..7b2ff10ed9 100644
--- a/data_sources/windows_event_log_defender_1121.yml
+++ b/data_sources/windows_event_log_defender_1121.yml
@@ -16,7 +16,7 @@ separator_value: '1121'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_defender_1122.yml b/data_sources/windows_event_log_defender_1122.yml
index 900eafd734..92564f2a03 100644
--- a/data_sources/windows_event_log_defender_1122.yml
+++ b/data_sources/windows_event_log_defender_1122.yml
@@ -16,7 +16,7 @@ separator_value: '1122'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_defender_1125.yml b/data_sources/windows_event_log_defender_1125.yml
index fb51ac903d..47f38cfd5d 100644
--- a/data_sources/windows_event_log_defender_1125.yml
+++ b/data_sources/windows_event_log_defender_1125.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
example_log:
diff --git a/data_sources/windows_event_log_security_4702.yml b/data_sources/windows_event_log_security_4702.yml
index 7c5e755169..c4710a4d94 100644
--- a/data_sources/windows_event_log_security_4702.yml
+++ b/data_sources/windows_event_log_security_4702.yml
@@ -10,7 +10,7 @@ separator: EventID
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- EventID
example_log:
diff --git a/data_sources/windows_event_log_security_4703.yml b/data_sources/windows_event_log_security_4703.yml
index ebba1f5d35..21b70bafb6 100644
--- a/data_sources/windows_event_log_security_4703.yml
+++ b/data_sources/windows_event_log_security_4703.yml
@@ -14,7 +14,7 @@ separator_value: '4703'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Caller_Domain
diff --git a/data_sources/windows_event_log_security_4719.yml b/data_sources/windows_event_log_security_4719.yml
index f16d48dc4f..ce71b781ea 100644
--- a/data_sources/windows_event_log_security_4719.yml
+++ b/data_sources/windows_event_log_security_4719.yml
@@ -14,7 +14,7 @@ separator_value: '4719'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4720.yml b/data_sources/windows_event_log_security_4720.yml
index 7ce0037cb5..c19d05b414 100644
--- a/data_sources/windows_event_log_security_4720.yml
+++ b/data_sources/windows_event_log_security_4720.yml
@@ -13,7 +13,7 @@ separator_value: '4720'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Account_Domain
diff --git a/data_sources/windows_event_log_security_4724.yml b/data_sources/windows_event_log_security_4724.yml
index 1c80db3731..17fc373ec9 100644
--- a/data_sources/windows_event_log_security_4724.yml
+++ b/data_sources/windows_event_log_security_4724.yml
@@ -14,7 +14,7 @@ separator_value: '4724'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Caller_Domain
diff --git a/data_sources/windows_event_log_security_4725.yml b/data_sources/windows_event_log_security_4725.yml
index 3d4e480da4..aee5da7863 100644
--- a/data_sources/windows_event_log_security_4725.yml
+++ b/data_sources/windows_event_log_security_4725.yml
@@ -13,7 +13,7 @@ separator_value: '4725'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Caller_Domain
diff --git a/data_sources/windows_event_log_security_4726.yml b/data_sources/windows_event_log_security_4726.yml
index f4fddafdaa..e48fba0d0a 100644
--- a/data_sources/windows_event_log_security_4726.yml
+++ b/data_sources/windows_event_log_security_4726.yml
@@ -13,7 +13,7 @@ separator_value: '4726'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Caller_Domain
diff --git a/data_sources/windows_event_log_security_4727.yml b/data_sources/windows_event_log_security_4727.yml
index 41cc415337..9786a82fea 100644
--- a/data_sources/windows_event_log_security_4727.yml
+++ b/data_sources/windows_event_log_security_4727.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4728.yml b/data_sources/windows_event_log_security_4728.yml
index fc802dd92d..4c005df5f4 100644
--- a/data_sources/windows_event_log_security_4728.yml
+++ b/data_sources/windows_event_log_security_4728.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4730.yml b/data_sources/windows_event_log_security_4730.yml
index a0b2e3dbdf..98fe25c2b7 100644
--- a/data_sources/windows_event_log_security_4730.yml
+++ b/data_sources/windows_event_log_security_4730.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_security_4731.yml b/data_sources/windows_event_log_security_4731.yml
index 4ecbb5b9b7..1eeac5ef53 100644
--- a/data_sources/windows_event_log_security_4731.yml
+++ b/data_sources/windows_event_log_security_4731.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4732.yml b/data_sources/windows_event_log_security_4732.yml
index d033d1cbf6..63e15bcff9 100644
--- a/data_sources/windows_event_log_security_4732.yml
+++ b/data_sources/windows_event_log_security_4732.yml
@@ -14,7 +14,7 @@ separator_value: '4732'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Account_Domain
diff --git a/data_sources/windows_event_log_security_4737.yml b/data_sources/windows_event_log_security_4737.yml
index 010451988a..11c68e5b0b 100644
--- a/data_sources/windows_event_log_security_4737.yml
+++ b/data_sources/windows_event_log_security_4737.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- CategoryString
- Channel
diff --git a/data_sources/windows_event_log_security_4738.yml b/data_sources/windows_event_log_security_4738.yml
index 2ccf24b6b4..2e6784340b 100644
--- a/data_sources/windows_event_log_security_4738.yml
+++ b/data_sources/windows_event_log_security_4738.yml
@@ -14,7 +14,7 @@ separator_value: '4738'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccountExpires
diff --git a/data_sources/windows_event_log_security_4739.yml b/data_sources/windows_event_log_security_4739.yml
index ace200e646..0167bad8d2 100644
--- a/data_sources/windows_event_log_security_4739.yml
+++ b/data_sources/windows_event_log_security_4739.yml
@@ -15,7 +15,7 @@ separator_value: '4739'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Caller_Domain
diff --git a/data_sources/windows_event_log_security_4741.yml b/data_sources/windows_event_log_security_4741.yml
index 1fda5343af..98f8922bd1 100644
--- a/data_sources/windows_event_log_security_4741.yml
+++ b/data_sources/windows_event_log_security_4741.yml
@@ -17,7 +17,7 @@ separator_value: '4741'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccountExpires
diff --git a/data_sources/windows_event_log_security_4742.yml b/data_sources/windows_event_log_security_4742.yml
index 08cb2520db..ab37b800ac 100644
--- a/data_sources/windows_event_log_security_4742.yml
+++ b/data_sources/windows_event_log_security_4742.yml
@@ -16,7 +16,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccountExpires
diff --git a/data_sources/windows_event_log_security_4744.yml b/data_sources/windows_event_log_security_4744.yml
index 5701a21706..7bef6eede2 100644
--- a/data_sources/windows_event_log_security_4744.yml
+++ b/data_sources/windows_event_log_security_4744.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4749.yml b/data_sources/windows_event_log_security_4749.yml
index 0e4bbd868b..1ee671fa02 100644
--- a/data_sources/windows_event_log_security_4749.yml
+++ b/data_sources/windows_event_log_security_4749.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4754.yml b/data_sources/windows_event_log_security_4754.yml
index cfb875f3b4..7147441f2a 100644
--- a/data_sources/windows_event_log_security_4754.yml
+++ b/data_sources/windows_event_log_security_4754.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4756.yml b/data_sources/windows_event_log_security_4756.yml
index 161893b347..90acd9e9c7 100644
--- a/data_sources/windows_event_log_security_4756.yml
+++ b/data_sources/windows_event_log_security_4756.yml
@@ -10,9 +10,22 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
- dest
-example_log: 4756 0 0 13826 0 0x8020000000000000 4405437 Security atc-win-2k16.atc.local CN=demouser,CN=Users,DC=atc,DC=local S-1-5-21-2245550993-2690282630-2861202560-18603 Enterprise Admins ATC S-1-5-21-2245550993-2622282683-2531201460-519 S-1-5-21-2245550993-2622282683-2531201460-500 test_user ATC 0x109a6c - - +example_log: 4756 0 0 13826 + 0 0x8020000000000000 4405437 Security atc-win-2k16.atc.local + CN=demouser,CN=Users,DC=atc,DC=local + S-1-5-21-2245550993-2690282630-2861202560-18603 Enterprise Admins ATC + S-1-5-21-2245550993-2622282683-2531201460-519 S-1-5-21-2245550993-2622282683-2531201460-500 test_user ATC + 0x109a6c - +
diff --git a/data_sources/windows_event_log_security_4759.yml b/data_sources/windows_event_log_security_4759.yml
index 957a3b0516..b1cf53688d 100644
--- a/data_sources/windows_event_log_security_4759.yml
+++ b/data_sources/windows_event_log_security_4759.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4768.yml b/data_sources/windows_event_log_security_4768.yml
index f228accb99..bc1f7bac42 100644
--- a/data_sources/windows_event_log_security_4768.yml
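Review bot: The reflowed `example_log` in windows_event_log_security_4756.yml appears to be a multi-line plain scalar, which parsers fold back into one line only as long as every continuation line is indented past the key and none begins with an indicator or contains `: ` or ` #`, and the trailing `+ ` line looks like whitespace-only content inside the value. A folded block scalar states the intent and removes those plain-scalar edge cases: `example_log: >-` followed by the same continuation lines, each indented two spaces. The hunk header counts 22 new lines while fewer are visible here, so the rendered value should be checked against the previous single-line string (`4756 0 0 13826 … 0x109a6c -`) rather than assumed equal. The remaining hunks on this page are version bumps only.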
+++ b/data_sources/windows_event_log_security_4768.yml
@@ -17,7 +17,7 @@ separator_value: '4768'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_security_4769.yml b/data_sources/windows_event_log_security_4769.yml
index 6e17b55b2e..b0a84182f6 100644
--- a/data_sources/windows_event_log_security_4769.yml
+++ b/data_sources/windows_event_log_security_4769.yml
@@ -17,7 +17,7 @@ separator_value: '4769'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_security_4771.yml b/data_sources/windows_event_log_security_4771.yml
index 3ed186ff69..5336a7b85c 100644
--- a/data_sources/windows_event_log_security_4771.yml
+++ b/data_sources/windows_event_log_security_4771.yml
@@ -17,7 +17,7 @@ separator_value: '4771'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_security_4776.yml b/data_sources/windows_event_log_security_4776.yml
index 0ff1542695..bfd29e6060 100644
--- a/data_sources/windows_event_log_security_4776.yml
+++ b/data_sources/windows_event_log_security_4776.yml
@@ -17,7 +17,7 @@ separator_value: '4776'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_security_4781.yml b/data_sources/windows_event_log_security_4781.yml
index 8cc9cd3afc..e79e3c0a47 100644
--- a/data_sources/windows_event_log_security_4781.yml
+++ b/data_sources/windows_event_log_security_4781.yml
@@ -17,7 +17,7 @@ separator_value: '4781'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4783.yml b/data_sources/windows_event_log_security_4783.yml
index cde29dc7e1..9593ca4be6 100644
--- a/data_sources/windows_event_log_security_4783.yml
+++ b/data_sources/windows_event_log_security_4783.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4790.yml b/data_sources/windows_event_log_security_4790.yml
index cfb79c030e..15295b2e62 100644
--- a/data_sources/windows_event_log_security_4790.yml
+++ b/data_sources/windows_event_log_security_4790.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_security_4794.yml b/data_sources/windows_event_log_security_4794.yml
index 72f5544d0d..df92ace54d 100644
--- a/data_sources/windows_event_log_security_4794.yml
+++ b/data_sources/windows_event_log_security_4794.yml
@@ -17,7 +17,7 @@ separator_value: null
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4798.yml b/data_sources/windows_event_log_security_4798.yml
index 120955f459..3315b1c53b 100644
--- a/data_sources/windows_event_log_security_4798.yml
+++ b/data_sources/windows_event_log_security_4798.yml
@@ -16,7 +16,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4876.yml b/data_sources/windows_event_log_security_4876.yml
index 0baa3467d4..52c2a6c96b 100644
--- a/data_sources/windows_event_log_security_4876.yml
+++ b/data_sources/windows_event_log_security_4876.yml
@@ -17,7 +17,7 @@ separator_value: '4876'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4886.yml b/data_sources/windows_event_log_security_4886.yml
index f4a4a26dbf..3cf65cc000 100644
--- a/data_sources/windows_event_log_security_4886.yml
+++ b/data_sources/windows_event_log_security_4886.yml
@@ -17,7 +17,7 @@ separator_value: '4886'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4887.yml b/data_sources/windows_event_log_security_4887.yml
index f33478356e..4d842f5645 100644
--- a/data_sources/windows_event_log_security_4887.yml
+++ b/data_sources/windows_event_log_security_4887.yml
@@ -17,7 +17,7 @@ separator_value: '4887'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_4946.yml b/data_sources/windows_event_log_security_4946.yml
index 60c16ad85a..c75d74aa3a 100644
--- a/data_sources/windows_event_log_security_4946.yml
+++ b/data_sources/windows_event_log_security_4946.yml
@@ -11,7 +11,7 @@ separator_value: '4946'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- EventID
diff --git a/data_sources/windows_event_log_security_4947.yml b/data_sources/windows_event_log_security_4947.yml
index 6a717b98c5..522f9840dc 100644
--- a/data_sources/windows_event_log_security_4947.yml
+++ b/data_sources/windows_event_log_security_4947.yml
@@ -11,7 +11,7 @@ separator_value: '4947'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- EventID
diff --git a/data_sources/windows_event_log_security_4948.yml b/data_sources/windows_event_log_security_4948.yml
index c3373cbab3..bd1f3d0ab6 100644
--- a/data_sources/windows_event_log_security_4948.yml
+++ b/data_sources/windows_event_log_security_4948.yml
@@ -11,7 +11,7 @@ separator_value: '4948'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- EventID
diff --git a/data_sources/windows_event_log_security_5136.yml b/data_sources/windows_event_log_security_5136.yml
index 382c9572e4..86ad2b07c1 100644
--- a/data_sources/windows_event_log_security_5136.yml
+++ b/data_sources/windows_event_log_security_5136.yml
@@ -17,7 +17,7 @@ separator_value: '5136'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_5137.yml b/data_sources/windows_event_log_security_5137.yml
index 853bd2d8ee..2ffb599f08 100644
--- a/data_sources/windows_event_log_security_5137.yml
+++ b/data_sources/windows_event_log_security_5137.yml
@@ -17,7 +17,7 @@ separator_value: '5137'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AppCorrelationID
diff --git a/data_sources/windows_event_log_security_5140.yml b/data_sources/windows_event_log_security_5140.yml
index 01fe54c917..42da84b212 100644
--- a/data_sources/windows_event_log_security_5140.yml
+++ b/data_sources/windows_event_log_security_5140.yml
@@ -17,7 +17,7 @@ separator_value: '5140'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccessList
diff --git a/data_sources/windows_event_log_security_5141.yml b/data_sources/windows_event_log_security_5141.yml
index cc9ff26b9a..05b2d0ba72 100644
--- a/data_sources/windows_event_log_security_5141.yml
+++ b/data_sources/windows_event_log_security_5141.yml
@@ -17,7 +17,7 @@ separator_value: '5141'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActivityID
diff --git a/data_sources/windows_event_log_security_5145.yml b/data_sources/windows_event_log_security_5145.yml
index 3899fe9e0f..a379a8e7bb 100644
--- a/data_sources/windows_event_log_security_5145.yml
+++ b/data_sources/windows_event_log_security_5145.yml
@@ -17,7 +17,7 @@ separator_value: '5145'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccessList
diff --git a/data_sources/windows_event_log_system_104.yml b/data_sources/windows_event_log_system_104.yml
index ab6d0bfd24..a9505dde9b 100644
--- a/data_sources/windows_event_log_system_104.yml
+++ b/data_sources/windows_event_log_system_104.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_event_log_system_4720.yml b/data_sources/windows_event_log_system_4720.yml
index c92927c8cd..e3708f6d96 100644
--- a/data_sources/windows_event_log_system_4720.yml
+++ b/data_sources/windows_event_log_system_4720.yml
@@ -17,7 +17,7 @@ separator_value: '4720'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Account_Domain
diff --git a/data_sources/windows_event_log_system_4726.yml b/data_sources/windows_event_log_system_4726.yml
index 912a64e383..dff29d788b 100644
--- a/data_sources/windows_event_log_system_4726.yml
+++ b/data_sources/windows_event_log_system_4726.yml
@@ -17,7 +17,7 @@ separator_value: '4726'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Account_Domain
diff --git a/data_sources/windows_event_log_system_4728.yml b/data_sources/windows_event_log_system_4728.yml
index 86a2d30a8e..1d0274fc5d 100644
--- a/data_sources/windows_event_log_system_4728.yml
+++ b/data_sources/windows_event_log_system_4728.yml
@@ -17,7 +17,7 @@ separator_value: '4728'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Account_Domain
diff --git a/data_sources/windows_event_log_system_7036.yml b/data_sources/windows_event_log_system_7036.yml
index 42d5fe95b2..e5c5dc3e4b 100644
--- a/data_sources/windows_event_log_system_7036.yml
+++ b/data_sources/windows_event_log_system_7036.yml
@@ -17,7 +17,7 @@ separator_value: '7036'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_system_7040.yml b/data_sources/windows_event_log_system_7040.yml
index 062824ae3e..6a58bb517c 100644
--- a/data_sources/windows_event_log_system_7040.yml
+++ b/data_sources/windows_event_log_system_7040.yml
@@ -17,7 +17,7 @@ separator_value: '7040'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- Channel
diff --git a/data_sources/windows_event_log_system_7045.yml b/data_sources/windows_event_log_system_7045.yml
index 9c74c96c7b..3904c66000 100644
--- a/data_sources/windows_event_log_system_7045.yml
+++ b/data_sources/windows_event_log_system_7045.yml
@@ -17,7 +17,7 @@ separator_value: '7045'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- AccountName
diff --git a/data_sources/windows_event_log_taskscheduler_200.yml b/data_sources/windows_event_log_taskscheduler_200.yml
index 84e1012d78..6d022ccafa 100644
--- a/data_sources/windows_event_log_taskscheduler_200.yml
+++ b/data_sources/windows_event_log_taskscheduler_200.yml
@@ -17,7 +17,7 @@ separator_value: '200'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ActionName
diff --git a/data_sources/windows_event_log_taskscheduler_201.yml b/data_sources/windows_event_log_taskscheduler_201.yml
index eb2f0a3fbb..e1bf8d900b 100644
--- a/data_sources/windows_event_log_taskscheduler_201.yml
+++ b/data_sources/windows_event_log_taskscheduler_201.yml
@@ -10,7 +10,7 @@ separator: EventCode
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
output_fields:
diff --git a/data_sources/windows_iis.yml b/data_sources/windows_iis.yml
index ba137c04fa..1e20d6586a 100644
--- a/data_sources/windows_iis.yml
+++ b/data_sources/windows_iis.yml
@@ -16,4 +16,4 @@ separator: EventID
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
diff --git a/data_sources/windows_iis_29.yml b/data_sources/windows_iis_29.yml
index cadf733d30..19700b18cb 100644
--- a/data_sources/windows_iis_29.yml
+++ b/data_sources/windows_iis_29.yml
@@ -17,7 +17,7 @@ separator_value: '29'
supported_TA:
- name: Splunk Add-on for Microsoft Windows
url: https://splunkbase.splunk.com/app/742
- version: 9.1.2
+ version: 10.0.0
fields:
- _time
- ComputerName