Cisco Umbrella Schema Versions

graeme_hamilton · August 1, 2023, 9:32am

Hello,

I’ve noticed in the Cisco Umbrella admin dashboard that I have the ability to upgrade the schema version used for the logs written by Umbrella to the Cisco-managed S3 storage. We’re currently on schema version 4 and version 8 is available - descriptions of the schema versions are available at https://docs.umbrella.com/deployment-umbrella/docs/log-formats-and-versioning#log-schema-versions.

Does anyone know if the Rapid7 Event Source for Cisco Umbrella supports the latest v8 schema, or better yet are you using that schema version successfully with IDR?

Thanks!

david_smith · August 1, 2023, 12:33pm

Hi @graeme_hamilton I can confirm we added support for the v8 Schema earlier this year, so you should be good to upgrade.

David

graeme_hamilton · August 1, 2023, 12:55pm

Thanks David for the quick reply and the confirmation.

Graeme

steven · April 2, 2024, 6:58pm

Just noticed Schema Version 9 is out. Has support been added?