Process Create ASIM parser
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
Parser Information
| Property | Value |
|---|---|
| Parser Name | ASimProcessEventCreate |
| Built-in Parser | _ASim_ProcessEvent_Create |
| Schema | ProcessEvent |
| Schema Version | 0.1.0 |
| Parser Type | 📦 Union (schema-level) |
| Parser Version | 0.1.1 (version history) |
| Last Updated | Feb 23, 2022 |
| Source File | Parsers\ASimProcessEvent\Parsers\ASimProcessEventCreate.yaml |
Description
This ASIM parser supports normalizing process create event logs from all supported sources to the ASIM ProcessEvent normalized schema.
Products
This union parser includes parsers for the following products:
| Product | Source Parser | Solutions |
|---|---|---|
| SentinelOne | _ASim_ProcessCreate_SentinelOne | |
| Sysmon for Linux | _ASim_ProcessEvent_CreateLinuxSysmon | Syslog |
| Security Events | _ASim_ProcessEvent_CreateMicrosoftSecurityEvents | Windows Security Events |
| Sysmon | _ASim_ProcessEvent_CreateMicrosoftSysmon | |
| Security Events | _ASim_ProcessEvent_CreateMicrosoftWindowsEvents | Windows Forwarded Events |
| Trend Micro Vision One | _ASim_ProcessEvent_CreateTrendMicroVisionOne | Trend Micro Vision One |
| VMware Carbon Black Cloud | _ASim_ProcessEvent_CreateVMwareCarbonBlackCloud | |
| Microsoft Defender for IoT | _ASim_ProcessEvent_MD4IoT | |
| Microsoft 365 Defender for endpoint | _ASim_ProcessEvent_Microsoft365D | |
| Native | _ASim_ProcessEvent_Native | SynqlyIntegrationConnector VMware Carbon Black Cloud |
References
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊