ASIM DNS activity ASIM parser



Parser Information

| Property | Value |
|---|---|
| Parser Name | `ASimDns` |
| Built-in Parser | `_ASim_Dns` |
| Schema | Dns |
| Schema Version | 0.1.7 |
| Parser Type | 📦 Union (schema-level) |
| Parser Version | 0.5.2 (version history) |
| Last Updated | June 7, 2024 |
| Source File | `Parsers\ASimDns\Parsers\ASimDns.yaml` |

Description

This ASIM parser supports normalizing DNS activity logs from all supported sources to the ASIM DNS activity normalized schema.

Products

This union parser includes parsers for the following products:

| Product | Source Parser | Solutions |
|---|---|---|
| Azure Firewall | `_ASim_Dns_AzureFirewall` | Azure Firewall |
| Cisco Umbrella | `_ASim_Dns_CiscoUmbrella` | CiscoUmbrella |
| Corelight Zeek | `_ASim_Dns_CorelightZeek` | Corelight |
| Fortinet FortiGate | `_ASim_Dns_FortinetFortiGate` | Common Event Format, VirtualMetric DataStream, Zscaler Internet Access |
| GCP Cloud DNS | `_ASim_Dns_Gcp` | |
| Infoblox BloxOne | `_ASim_Dns_InfobloxBloxOne` | Common Event Format, VirtualMetric DataStream, Zscaler Internet Access |
| Infoblox NIOS | `_ASim_Dns_InfobloxNIOS` | Syslog |
| MS DNS Events | `_ASim_Dns_MicrosoftNXlog` | NXLogDNSLogs |
| MS DNS Events | `_ASim_Dns_MicrosoftOMS` | Windows Server DNS |
| Microsoft Windows Events Sysmon | `_ASim_Dns_MicrosoftSysmon` | |
| Microsoft Windows Events Sysmon | `_ASim_Dns_MicrosoftSysmonWindowsEvent` | Windows Forwarded Events |
| Native | `_ASim_Dns_Native` | SynqlyIntegrationConnector |
| SentinelOne | `_ASim_Dns_SentinelOne` | |
| Vectra AI Streams | `_ASim_Dns_VectraAI` | CustomLogsAma, Vectra AI Stream |
| Zscaler ZIA DNS | `_ASim_Dns_ZscalerZIA` | Common Event Format, VirtualMetric DataStream, Zscaler Internet Access |

Parameters

| Name | Type | Default |
|---|---|---|
| `pack` | bool | False |
