If you didn't catch Saket's update about Log Parsers, be sure to look at all the improvements they made. Here's the January roll-up of the new detection capabilities added via Live.
Parsers
PVID
CustomTCP
Lua Mail Options file
rekaf
Cerber
Updates to the DynDNS parser
Feed Additions
Grizzly Steppe
Locky
Cerber
Schoolbell
Kingslayer
Tox Supernode
Reports
Added Tox traffic to the 'Encrypted Traffic' report