diff --git a/datasets/cisco_isovalent/cisco_isovalent.log b/datasets/cisco_isovalent/cisco_isovalent.log
new file mode 100644
index 00000000..81a1097c
--- /dev/null
+++ b/datasets/cisco_isovalent/cisco_isovalent.log
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a3b686ab456637b24d559663913862b9962c7a3ccbc0f64d8a53010f9a59ecb2
+size 15566
diff --git a/datasets/cisco_isovalent/cisco_isovalent.yml b/datasets/cisco_isovalent/cisco_isovalent.yml
new file mode 100644
index 00000000..90157a40
--- /dev/null
+++ b/datasets/cisco_isovalent/cisco_isovalent.yml
@@ -0,0 +1,14 @@
+author: Bhavin Patel, Splunk
+id: 1fc537db-5e0b-4a2e-a768-27e08eff0c70
+date: '2025-08-15'
+description: |
+ Generated datasets for Cisco Isovalent Process Exec EventType. Contains simulations for the following detections:
+ * Cisco Isovalent - Detect Shell Execution
+ * Cisco Isovalent - Curl Execution With Insecure Flags
+environment: manual simulations in a K8s cluster running Tetragon
+mitre_technique: []
+datasets:
+- name: cisco_isovalent
+ path: /datasets/cisco_isovalent/cisco_isovalent.log
+ sourcetype: cisco:isovalent
+ source: cisco_isovalent
\ No newline at end of file
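Review bot: `mitre_technique: []` is left empty in cisco_isovalent.yml even though the description names two detections (shell execution, curl with insecure flags) whose simulated events this dataset exists to exercise; coverage tooling that joins datasets to techniques through this field will report the dataset as mapping to nothing. It should be populated with the technique IDs those two detection files already declare, e.g. `mitre_technique: [<technique IDs from the two detection YAMLs>]`, rather than left as a placeholder. The file also lacks a trailing newline (`\ No newline at end of file`), which yamllint-style checks typically flag, so end the last line `source: cisco_isovalent` with a newline. Separately, the `.log` companion is committed as a Git LFS pointer, so the `path` entry only resolves once LFS objects are fetched; that is presumably the repo convention but worth confirming.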