The Correlation Rule endpoint now introduces the nameContains parameter to enable you to filter results by a partial or full rule name. For more information, see Correlation Rules - Get all rules.

An endpoint for deleting correlation rules by ID is now available. See Delete a correlation rule.

New API endpoints have been introduced to support viewing, creating, and updating correlation rules. See the following:

The Context Collectors endpoints are now renamed and organized as Context Management. To facilitate this change, a new path is now available: context-management/v1.

New Context Management endpoints are available to support the following use cases:

The following enhancements are now available with Search:

You can now search for audit logs using the Exabeam API. For more information, see Search audit events.