splunk · patel-bhavin · Apr 17, 2026
@@ -44,9 +44,9 @@ apps:
 - uid: 7404
   title: Cisco Security Cloud
   appid: CiscoSecurityCloud
-  version: 3.6.3
+  version: 3.6.4
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_363.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/cisco-security-cloud_364.tgz
 - uid: 6652
   title: Add-on for Linux Sysmon
   appid: Splunk_TA_linux_sysmon
@@ -65,9 +65,9 @@ apps:
 - uid: 742
   title: Splunk Add-on for Microsoft Windows
   appid: SPLUNK_ADD_ON_FOR_MICROSOFT_WINDOWS
-  version: 9.1.2
+  version: 10.0.0
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-windows_912.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-windows_1000.tgz
 - uid: 5709
   title: Splunk Add-on for Sysmon
   appid: Splunk_TA_microsoft_sysmon
@@ -161,15 +161,15 @@ apps:
 - uid: 3110
   title: Splunk Add-on for Microsoft Cloud Services
   appid: SPLUNK_TA_MICROSOFT_CLOUD_SERVICES
-  version: 6.1.0
+  version: 6.1.1
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-cloud-services_610.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-cloud-services_611.tgz
 - uid: 4055
   title: Splunk Add-on for Microsoft Office 365
   appid: SPLUNK_ADD_ON_FOR_MICROSOFT_OFFICE_365
-  version: 5.1.0
+  version: 6.0.1
   description: description of app
-  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_510.tgz
+  hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_601.tgz
 - uid: 5518
   title: Splunk add on for Microsoft Defender Advanced Hunting
   appid: SPLUNK_ADD_ON_FOR_MICROSOFT_DEFENDER_ADVANCED_HUNTING

@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 output_fields:
 - dest
 - user

@@ -18,7 +18,7 @@ separator_value: Add app role assignment to service principal
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -18,7 +18,7 @@ separator_value: Add member to role
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -18,7 +18,7 @@ separator_value: Add owner to application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -18,7 +18,7 @@ separator_value: Add service principal
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -17,7 +17,7 @@ separator_value: Add unverified domain
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -18,7 +18,7 @@ separator_value: Consent to application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Disable Strong Authentication
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -15,7 +15,7 @@ separator_value: Enable account
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Invite external user
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 example_log: '{"time": "2024-04-30T01:22:46.4948958Z", "resourceId": "/TENANTS/225E05A1-5914-4688-A404-7030E60F3143/PROVIDERS/MICROSOFT.AADIAM",

@@ -10,7 +10,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - action
 - additional_details

@@ -16,7 +16,7 @@ separator_value: Reset password (by admin)
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Set domain authentication
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Sign-in activity
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Update application
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -16,7 +16,7 @@ separator_value: Update authorization policy
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -14,7 +14,7 @@ separator_value: Update user
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -15,7 +15,7 @@ separator_value: User registered security info
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - Level

@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation account
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - authorization.action

@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation Runbook
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - authorization.action

@@ -15,7 +15,7 @@ separator_value: Create or Update an Azure Automation webhook
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - _time
 - authorization.action

@@ -13,7 +13,7 @@ separator: operationName
 supported_TA:
 - name: Splunk Add-on for Microsoft Cloud Services
   url: https://splunkbase.splunk.com/app/3110
-  version: 6.1.0
+  version: 6.1.1
 fields:
 - column
 - action

@@ -10,5 +10,5 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields: null
@@ -21,7 +21,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - Cisco_ASA_action
 - Cisco_ASA_message_id

@@ -10,7 +10,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - access_device.browser
 - access_device.browser_version

@@ -10,7 +10,7 @@ separator: null
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - action
 - actionlabel

@@ -13,7 +13,7 @@ sourcetype: cisco:isovalent:processConnect
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - _time
 - app

@@ -10,7 +10,7 @@ sourcetype: cisco:isovalent:processExec
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - _time
 - cluster_name

@@ -12,7 +12,7 @@ sourcetype: cisco:isovalent
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - _time
 - app

@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - AC_RuleAction
 - action

@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - app
 - Application

@@ -10,7 +10,7 @@ sourcetype: cisco:sfw:estreamer
 supported_TA:
 - name: Cisco Security Cloud
   url: https://splunkbase.splunk.com/app/7404
-  version: 3.6.3
+  version: 3.6.4
 fields:
 - Application
 - Classification

@@ -9,7 +9,7 @@ sourcetype: o365:graph:api
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
   url: https://splunkbase.splunk.com/app/4055
-  version: 5.1.0
+  version: 6.0.1
 fields:
 - appDisplayName
 - appId

@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
   url: https://splunkbase.splunk.com/app/742
-  version: 9.1.2
+  version: 10.0.0
 fields:
 - CategoryString
 - Channel

@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
   url: https://splunkbase.splunk.com/app/742
-  version: 9.1.2
+  version: 10.0.0
 fields:
 - CategoryString
 - Channel

@@ -10,7 +10,7 @@ separator: EventCode
 supported_TA:
 - name: Splunk Add-on for Microsoft Windows
   url: https://splunkbase.splunk.com/app/742
-  version: 9.1.2
+  version: 10.0.0
 fields:
 - CategoryString
 - Channel

@@ -17,4 +17,4 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
   url: https://splunkbase.splunk.com/app/4055
-  version: 5.1.0
+  version: 6.0.1
@@ -17,7 +17,7 @@ separator_value: Add app role assignment grant to user.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
   url: https://splunkbase.splunk.com/app/4055
-  version: 5.1.0
+  version: 6.0.1
 fields:
 - _time
 - ActorContextId

@@ -18,7 +18,7 @@ separator_value: Add app role assignment to service principal.
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
   url: https://splunkbase.splunk.com/app/4055
-  version: 5.1.0
+  version: 6.0.1
 fields:
 - _time
 - ActorContextId