Network Session ASIM parser for Cisco ISE
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Parser Information
| Property | Value |
|---|---|
| Parser Name | ASimNetworkSessionCiscoISE |
| Built-in Parser | _ASim_NetworkSession_CiscoISE |
| Schema | NetworkSession |
| Schema Version | 0.2.6 |
| Parser Type | 🔌 Source (product-specific) |
| Product | Cisco ISE |
| Parser Version | 1.1.0 (version history) |
| Last Updated | July 6, 2023 |
| Unifying Parser | ASimNetworkSession |
| Source File | Parsers\ASimNetworkSession\Parsers\ASimNetworkSessionCiscoISE.yaml |
Description
This ASIM parser supports normalizing Cisco ISE Events produced by the Microsoft Sentinel Cisco ISE connector to the ASIM Network Session normalized schema.
Source Tables
This parser reads from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
Syslog |
ProcessName has_any "CISE,CSCO" |
✓ | ✓ | ? |
Parameters
| Name | Type | Default |
|---|---|---|
disabled |
bool | False |
Associated Connectors
The following connectors provide data for this parser:
| Connector | Solution |
|---|---|
| SyslogAma | Syslog |
Solutions: Syslog
References
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊