ASIM DNS activity ASIM parser


Parser Information

| Property | Value |
|---|---|
| Parser Name | ASimDns |
| Built-in Parser | _ASim_Dns |
| Schema | Dns |
| Schema Version | 0.1.7 |
| Parser Type | 📦 Union (schema-level) |
| Parser Version | 0.5.2 (version history) |
| Last Updated | June 7, 2024 |
| Source File | Parsers\ASimDns\Parsers\ASimDns.yaml |

Description

This ASIM parser supports normalizing DNS activity logs from all supported sources to the ASIM DNS activity normalized schema.

Products

This union parser includes parsers for the following products:

| Product | Source Parser | Solutions |
|---|---|---|
| Azure Firewall | _ASim_Dns_AzureFirewall | Azure Firewall |
| Cisco Umbrella | _ASim_Dns_CiscoUmbrella | CiscoUmbrella |
| Corelight Zeek | _ASim_Dns_CorelightZeek | Corelight |
| Fortinet FortiGate | _ASim_Dns_FortinetFortiGate | Common Event Format; Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel (legacy connector); VirtualMetric DataStream |
| GCP Cloud DNS | _ASim_Dns_Gcp | GoogleCloudPlatformDNS (legacy connector) |
| Infoblox BloxOne | _ASim_Dns_InfobloxBloxOne | Common Event Format; VirtualMetric DataStream |
| Infoblox NIOS | _ASim_Dns_InfobloxNIOS | Syslog |
| MS DNS Events | _ASim_Dns_MicrosoftNXlog | |
| MS DNS Events | _ASim_Dns_MicrosoftOMS | Windows Server DNS |
| Microsoft Windows Events Sysmon | _ASim_Dns_MicrosoftSysmon | |
| Microsoft Windows Events Sysmon | _ASim_Dns_MicrosoftSysmonWindowsEvent | Windows Forwarded Events |
| Native | _ASim_Dns_Native | SynqlyIntegrationConnector |
| SentinelOne | _ASim_Dns_SentinelOne | SentinelOne (legacy connector) |
| Vectra AI Streams | _ASim_Dns_VectraAI | CustomLogsAma; Vectra AI Stream |
| Zscaler ZIA DNS | _ASim_Dns_ZscalerZIA | Common Event Format; VirtualMetric DataStream |

Parameters

| Name | Type | Default |
|---|---|---|
| pack | bool | False |
