Authentication ASIM parser

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to ASIM Index

---

Parser Information

Property	Value
Parser Name	ASimAuthentication
Built-in Parser	_ASim_Authentication
Schema	Authentication
Schema Version	0.1.4
Parser Type	📦 Union (schema-level)
Parser Version	0.2.13 (version history)
Last Updated	Apr 09, 2026
Source File	Parsers\ASimAuthentication\Parsers\ASimAuthentication.yaml

Description

This ASIM parser supports normalizing Authentication logs from all supported sources to the ASIM Authentication normalized schema. ParserName: ASimAuthentication

Products

This union parser includes parsers for the following products:

Product	Source Parser	Solutions
Microsoft Entra ID	_ASim_Authentication_AADManagedIdentitySignInLogs	Microsoft Entra ID
Microsoft Entra ID	_ASim_Authentication_AADNonInteractiveUserSignInLogs	Microsoft Entra ID
Microsoft Entra ID	_ASim_Authentication_AADServicePrincipalSignInLogs	Microsoft Entra ID
AWS	_ASim_Authentication_AWSCloudTrail	Amazon Web Services
Barracuda WAF	_ASim_Authentication_BarracudaWAF	Common Event Format VirtualMetric DataStream Zscaler Internet Access
Cisco Adaptive Security Appliance (ASA)	_ASim_Authentication_CiscoASA	CiscoASA Common Event Format VirtualMetric DataStream Zscaler Internet Access
Cisco IOS	_ASim_Authentication_CiscoIOS	Syslog
Cisco ISE	_ASim_Authentication_CiscoISE	Syslog
Cisco ISE Administrator	_ASim_Authentication_CiscoISEAdministrator	Syslog
Cisco Meraki	_ASim_Authentication_CiscoMeraki	CiscoMeraki CustomLogsAma
Cisco Meraki	_ASim_Authentication_CiscoMerakiSyslog	Syslog
CrowdStrike Falcon Endpoint Protection	_ASim_Authentication_CrowdStrikeFalconHost	Common Event Format VirtualMetric DataStream Zscaler Internet Access
Fortigate	_ASim_Authentication_FortinetFortigate	Common Event Format VirtualMetric DataStream Zscaler Internet Access
Google Workspace	_ASim_Authentication_GoogleWorkspace
Illumio	_ASim_Authentication_IllumioSaaSCore	IllumioSaaS
M365 Defender for EndPoint	_ASim_Authentication_M365Defender
Microsoft Defender for IoT	_ASim_Authentication_MD4IoT
	_ASim_Authentication_MicrosoftSecurityEvents
Windows Security Events	_ASim_Authentication_MicrosoftWindowsEvent	Microsoft Exchange Security - Exchange On-Premises Windows Forwarded Events Windows Security Events
Native	_ASim_Authentication_Native	SynqlyIntegrationConnector VMware Carbon Black Cloud
Okta	_ASim_Authentication_OktaSSO	Okta Single Sign-On
Okta	_ASim_Authentication_OktaSystemLogs
Okta	_ASim_Authentication_OktaV2	Okta Single Sign-On
Palo Alto Cortex Data Lake	_ASim_Authentication_PaloAltoCortexDataLake	Common Event Format VirtualMetric DataStream Zscaler Internet Access
Palo Alto PAN-OS GlobalProtect	_ASim_Authentication_PaloAltoGlobalProtect	Common Event Format VirtualMetric DataStream Zscaler Internet Access
Palo Alto PAN-OS	_ASim_Authentication_PaloAltoPanOS	Common Event Format VirtualMetric DataStream Zscaler Internet Access
PostgreSQL	_ASim_Authentication_PostgreSQL	CustomLogsAma
Salesforce Service Cloud	_ASim_Authentication_SalesforceSC
SentinelOne	_ASim_Authentication_SentinelOne
Microsoft Entra ID	_ASim_Authentication_SigninLogs	Microsoft Entra ID
OpenSSH	_ASim_Authentication_Sshd	Syslog
su	_ASim_Authentication_Su	Syslog
sudo	_ASim_Authentication_Sudo	Syslog
VMware Carbon Black Cloud	_ASim_Authentication_VMwareCarbonBlackCloud
VMware vCenter	_ASim_Authentication_VMwareVCenter	CustomLogsAma
Vectra	_ASim_Authentication_VectraXDRAudit	Vectra XDR

Parameters

Name	Type	Default
pack	bool	False

References

• ASIM Authentication Schema
• ASIM

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to ASIM Index