diff --git a/.github/workflows/appinspect.yml b/.github/workflows/appinspect.yml
index 3c9ab18..c95c0b8 100644
--- a/.github/workflows/appinspect.yml
+++ b/.github/workflows/appinspect.yml
@@ -1,13 +1,13 @@
 name: Splunk Appinspect
 on:
 workflow_dispatch:
- # pull_request:
- # branches:
- # - main
- # - master
- # paths:
- # - "SA-SentinelOneDevices/**"
- # types: [opened, ready_for_review]
+ pull_request:
+ branches:
+ - main
+ - master
+ paths:
+ - "SA-SentinelOneDevices/**"
+ types: [opened, ready_for_review]
 jobs:
 call-packaging-workflow:
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index cb2d42e..152c8f2 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -2,12 +2,12 @@ name: docs
 on:
 workflow_dispatch:
- # push:
- # branches:
- # - main
- # - master
- # paths:
- # - "docs/**"
+ push:
+ branches:
+ - main
+ - master
+ paths:
+ - "docs/**"
 permissions:
 contents: write
diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
index f3549e8..20b0955 100644
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -1,13 +1,13 @@
 name: fossa
 on:
 workflow_dispatch:
- # pull_request:
- # branches:
- # - main
- # - master
- # paths:
- # - "SA-SentinelOneDevices/**"
- # types: [opened, ready_for_review]
+ pull_request:
+ branches:
+ - main
+ - master
+ paths:
+ - "SA-SentinelOneDevices/**"
+ types: [opened, ready_for_review]
 jobs:
 fossa-scan:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 7592b2c..cde1b91 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,12 +1,12 @@
 name: release
 on:
 workflow_dispatch:
- # push:
- # branches:
- # - master
- # - main
- # paths:
- # - "SA-SentinelOneDevices/**"
+ push:
+ branches:
+ - master
+ - main
+ paths:
+ - "SA-SentinelOneDevices/**"
 permissions:
 contents: write
diff --git a/README.md b/README.md
index ef4c7bd..29413f5 100644
--- a/README.md
+++ b/README.md
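Review bot: The `types: [opened, ready_for_review]` filter on the restored `pull_request` trigger in appinspect.yml runs AppInspect once when a PR is opened or leaves draft and not again when further commits are pushed to it, so the check can pass on a revision that is not the one eventually merged; the fossa.yml hunk in this diff carries the same filter. Adding the synchronize event, `types: [opened, synchronize, reopened, ready_for_review]`, re-runs the check on every push to the PR. The `paths` filter also leaves out the workflow files themselves, so an edit to these workflows is not exercised by the PR run. The `jobs:` mapping continues outside the hunk.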
@@ -35,7 +35,7 @@ This supporting add-on comes with prebuilt content for SentinelOne device data t
 Info | Description
 ------|----------
-SA-SentinelOneDevices | 1.0.1 - [Splunkbase](https://splunkbase.splunk.com/app/6612)
+SA-SentinelOneDevices | 1.0.2 - [Splunkbase](https://splunkbase.splunk.com/app/6612)
 Splunk Enterprise Security Version (Required) | [7.x \| 6.x](https://splunkbase.splunk.com/app/263)
 SentinelOne App For Splunk (Required) | [5.1.x](https://splunkbase.splunk.com/app/5433)
 Add-on has a web UI | No, this add-on does not contain views.
diff --git a/SA-SentinelOneDevices/README.txt b/SA-SentinelOneDevices/README.txt
index 7067141..aa50735 100644
--- a/SA-SentinelOneDevices/README.txt
+++ b/SA-SentinelOneDevices/README.txt
@@ -1 +1 @@
-Documentation for the APP_NAME add-on can be found at https://splunk-sa-sentinelone.ztsplunker.com.
+Documentation for the SA-SentinelOneDevices add-on can be found at https://splunk.github.io/SA-SentinelOneDevices/.
diff --git a/SA-SentinelOneDevices/app.manifest b/SA-SentinelOneDevices/app.manifest
index 59cea91..89048d8 100644
--- a/SA-SentinelOneDevices/app.manifest
+++ b/SA-SentinelOneDevices/app.manifest
@@ -5,7 +5,7 @@
 "id": {
 "group": null,
 "name": "SA-SentinelOneDevices",
- "version": "1.0.1"
+ "version": "1.0.2"
 },
 "author": [
 {
@@ -27,9 +27,9 @@
 },
 "commonInformationModels": null,
 "license": {
- "name": "MIT License",
+ "name": "SPLUNK GENERAL TERMS",
 "text": null,
- "uri": "https://opensource.org/licenses/MIT"
+ "uri": "https://www.splunk.com/en_us/legal/splunk-general-terms.html"
 },
 "privacyPolicy": {
 "name": "Splunk Privacy Policy",
@@ -38,7 +38,7 @@
 },
 "releaseNotes": {
 "name": "README",
- "uri": "https://splunk-sa-sentinelone.ztsplunker.com"
+ "uri": "https://splunk.github.io/SA-SentinelOneDevices/releases/"
 }
 },
 "dependencies": {
@@ -48,7 +48,7 @@
 },
 "SplunkEnterpriseSecuritySuite": {
 "version": ">=6.0.0",
- "optional": false
+ "optional": true
 }
 },
 "tasks": [
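Review bot: Setting `"optional": true` on the `SplunkEnterpriseSecuritySuite` dependency in app.manifest contradicts the README.md and docs/index.md hunks in this same diff, which still list Splunk Enterprise Security as `(Required)`, and the identity_manager input and managed_configurations.conf stanzas the add-on ships only have meaning under ES; either the manifest should stay `false` or the documentation should explain what the add-on does without ES. The license change from `MIT License` to `SPLUNK GENERAL TERMS` is not matched by a change to a repository-level LICENSE file anywhere in this diff, so if the repo still carries an MIT license text the two will disagree on terms — worth checking outside the hunk.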
diff --git a/SA-SentinelOneDevices/default/app.conf b/SA-SentinelOneDevices/default/app.conf
index 990cad6..a977d48 100644
--- a/SA-SentinelOneDevices/default/app.conf
+++ b/SA-SentinelOneDevices/default/app.conf
@@ -3,16 +3,23 @@
 # To make changes, copy the section/stanza you want to change from ./default
 # into ../local and edit there.
+[author=ZachTheSplunker]
+email = zchristensen@splunk.com
+
+[id]
+name = SA-SentinelOneDevices
+version = 1.0.2
+
 [install]
 state_change_requires_restart = false
 is_configured = false
 state = enabled
-build = 5
+build = 6
 [launcher]
 author = ZachTheSplunker
 description = The SA-SentinelOneDevices add-on allows Splunk Enterprise Security admins to use SentinelOne device data with the Asset Database.
-version = 1.0.1
+version = 1.0.2
 [ui]
 is_visible = 0
diff --git a/SA-SentinelOneDevices/default/inputs.conf b/SA-SentinelOneDevices/default/inputs.conf
index 5ba6471..b124560 100644
--- a/SA-SentinelOneDevices/default/inputs.conf
+++ b/SA-SentinelOneDevices/default/inputs.conf
@@ -4,7 +4,6 @@
 # into ../local and edit there.
 [identity_manager://sentinelone_devices]
-blacklist = true
 category = sentinelone_devices
 description = Device information from SA-SentinelOneDevices.
 target = asset
diff --git a/SA-SentinelOneDevices/default/macros.conf b/SA-SentinelOneDevices/default/macros.conf
index f902240..09affba 100644
--- a/SA-SentinelOneDevices/default/macros.conf
+++ b/SA-SentinelOneDevices/default/macros.conf
@@ -7,6 +7,7 @@
 definition = index=sentinelone
 iseval = false
+# Deprecated
 [sa_sentinelone_retention]
 definition = "-2d"
 iseval = false
diff --git a/SA-SentinelOneDevices/default/managed_configurations.conf b/SA-SentinelOneDevices/default/managed_configurations.conf
index 73ee4e4..9e7d690 100644
--- a/SA-SentinelOneDevices/default/managed_configurations.conf
+++ b/SA-SentinelOneDevices/default/managed_configurations.conf
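Review bot: Removing `blacklist = true` from the `[identity_manager://sentinelone_devices]` stanza in inputs.conf changes how Enterprise Security treats this asset source — presumably it is what lets the SentinelOne devices reach the merged asset list rather than being excluded — yet no comment in the hunk says why, and the docs/releases/index.md hunk in this diff lists only the managed-configuration change under v1.0.2. A one-line comment above the stanza, `# blacklist intentionally unset: this source contributes assets, it does not exclude them`, and a matching release-note bullet would let an upgrading admin understand why their asset list changes. The stanza's remaining keys continue past the hunk.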
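Review bot: The added `# Deprecated` comment above `[sa_sentinelone_retention]` in macros.conf says neither what replaced the macro nor when it will be removed, so a reader has to discover from the managed_configurations.conf hunk that retention is now set through the `retention = {...}` key on the sentinelone_devices lookup stanza. Suggest `# Deprecated in 1.0.2: retention is now configured on the sentinelone_devices lookup in managed_configurations.conf; kept so existing local overrides still parse, to be removed in a later release`. The same one-word comment is added above `[SentinelOne Devices Lookup - Cleanup]` in the savedsearches.conf hunk and would benefit from the same wording, including that the search is now `disabled = true` because ES retention supersedes it.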
@@ -7,9 +7,15 @@ description = Device information generated from SA-SentinelOne Devices.
 editable = true
 endpoint = /services/data/transforms/lookups/sentinelone_devices
-label = SentinelOne Devices Lookup - Gen
+label = SA-SentinelOneDevices
 lookup_type = search
 savedsearch = SentinelOne Devices Lookup - Gen
+retention = {\
+ "disabled": 0,\
+ "earliestTime": "-2d",\
+ "timeField": "_last_seen",\
+ "timeFormat": "%s"\
+}\
 [setting:sa_sentinelone_index]
 endpoint = /services/admin/macros/sa_sentinelone_index
@@ -18,11 +24,3 @@ description = Configure SA-SentinelOneDevices index definition for the Asset Dat
 attribute = definition
 attribute_type = string
 link = [/manager/$@namespace$/data/macros/sa_sentinelone_index?action=edit|Edit in manager]
-
-[setting:sa_sentinelone_retention]
-endpoint = /services/admin/macros/sa_sentinelone_retention
-label = SA-SentinelOneDevices Retention
-description = Amount of time before a device is removed from the Asset Database.
-attribute = definition
-attribute_type = string
-link = [/manager/$@namespace$/data/macros/sa_sentinelone_retention?action=edit|Edit in manager]
diff --git a/SA-SentinelOneDevices/default/savedsearches.conf b/SA-SentinelOneDevices/default/savedsearches.conf
index c010cda..7f87730 100644
--- a/SA-SentinelOneDevices/default/savedsearches.conf
+++ b/SA-SentinelOneDevices/default/savedsearches.conf
@@ -67,8 +67,9 @@ search = `sa_sentinelone_index` sourcetype="sentinelone:channel:agents" \
 | outputlookup key_field=_key sentinelone_devices \
 | stats count
+# Deprecated
 [SentinelOne Devices Lookup - Cleanup]
-disabled = false
+disabled = true
 cron_schedule = 39 * * * *
 description = removes old entries from kvstore lookup: sentinelone_devices
 dispatch.earliest_time = -1s
diff --git a/SA-SentinelOneDevices/static/appIcon.png b/SA-SentinelOneDevices/static/appIcon.png
index c27f930..7307e4f 100644
Binary files a/SA-SentinelOneDevices/static/appIcon.png and b/SA-SentinelOneDevices/static/appIcon.png differ
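Review bot: The closing line of the new multi-line value in managed_configurations.conf, `+}\`, ends with a continuation backslash, so the conf parser keeps joining whatever follows into the `retention` value; today that is only the blank line before `[setting:sa_sentinelone_index]`, but any reformat that drops the blank line would swallow the next stanza header into the JSON. The last line should be `}` with no trailing backslash. The value also hard-codes `"earliestTime": "-2d"` where the deleted `[setting:sa_sentinelone_retention]` managed setting used to expose the `sa_sentinelone_retention` macro, so an admin who had overridden that macro in local silently falls back to two days after upgrading; a release-note line and a `# default retention; previously set via the sa_sentinelone_retention macro` comment above `retention = {\` would make that visible. The Gen search's output fields are not in this diff, so confirm that `_last_seen` is written in epoch form to match `"timeFormat": "%s"`.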
diff --git a/SA-SentinelOneDevices/static/appIconAlt.png b/SA-SentinelOneDevices/static/appIconAlt.png
index c27f930..7307e4f 100644
Binary files a/SA-SentinelOneDevices/static/appIconAlt.png and b/SA-SentinelOneDevices/static/appIconAlt.png differ
diff --git a/SA-SentinelOneDevices/static/appIconAlt_2x.png b/SA-SentinelOneDevices/static/appIconAlt_2x.png
index ad7aebb..048e608 100644
Binary files a/SA-SentinelOneDevices/static/appIconAlt_2x.png and b/SA-SentinelOneDevices/static/appIconAlt_2x.png differ
diff --git a/SA-SentinelOneDevices/static/appIcon_2x.png b/SA-SentinelOneDevices/static/appIcon_2x.png
index ad7aebb..048e608 100644
Binary files a/SA-SentinelOneDevices/static/appIcon_2x.png and b/SA-SentinelOneDevices/static/appIcon_2x.png differ
diff --git a/SA-SentinelOneDevices/static/appLogo.png b/SA-SentinelOneDevices/static/appLogo.png
deleted file mode 100644
index 25106a6..0000000
Binary files a/SA-SentinelOneDevices/static/appLogo.png and /dev/null differ
diff --git a/SA-SentinelOneDevices/static/appLogo_2x.png b/SA-SentinelOneDevices/static/appLogo_2x.png
deleted file mode 100644
index 07b7fb6..0000000
Binary files a/SA-SentinelOneDevices/static/appLogo_2x.png and /dev/null differ
diff --git a/docs/index.md b/docs/index.md
index c275ab8..572ebd7 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -29,7 +29,7 @@ This documentation assumes the following:
 Info | Description
 ------|----------
-SA-SentinelOneDevices | 1.0.1 - [Splunkbase :icon-link-external:](https://splunkbase.splunk.com/app/6612/){ target="blank" }
+SA-SentinelOneDevices | 1.0.2 - [Splunkbase :icon-link-external:](https://splunkbase.splunk.com/app/6612/){ target="blank" }
 Splunk Enterprise Security Version (Required) | [7.x \| 6.x :icon-link-external:](https://splunkbase.splunk.com/app/263){ target="blank" }
 SentinelOne App For Splunk (Required) | [5.1.x :icon-link-external:](https://splunkbase.splunk.com/app/5433){ target="blank" }
 Add-on has a web UI | No, this add-on does not contain views.
diff --git a/docs/releases/index.md b/docs/releases/index.md
index 3d78ad6..a789b22 100644
--- a/docs/releases/index.md
+++ b/docs/releases/index.md
@@ -10,7 +10,7 @@ Latest release can be found on [Splunkbase :icon-link-external:](
 ## v1.0.2 [!badge text="LATEST" variant="info" icon="package"]
-Released: [December 16, 2023 :icon-link-external:](https://github.com/splunk/SA-SentinelOneDevices/releases/tag/v1.0.2){ target="blank" }
+Released: [December 19, 2023 :icon-link-external:](https://github.com/splunk/SA-SentinelOneDevices/releases/tag/v1.0.2){ target="blank" }
 +++ Improved :icon-thumbsup:
 - [x] Added managed configurations for Splunk Enterprise Security to control retention of lookup file --> [Schedule Search](/start/scheduled-search.md){ target="blank" }
diff --git a/docs/retype.yml b/docs/retype.yml
index 16cb1cc..79c2ec8 100644
--- a/docs/retype.yml
+++ b/docs/retype.yml
@@ -4,7 +4,7 @@ url: splunk.github.io/SA-SentinelOneDevices/
 branding:
 title: SA-SentinelOneDevices
-label: v1.0.1
+label: v1.0.2
 links:
 - text: Splunkbase