Process Terminate ASIM parser

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to ASIM Index

---

Parser Information

Property	Value
Parser Name	ASimProcessEventTerminate
Built-in Parser	_ASim_ProcessEvent_Terminate
Schema	ProcessEvent
Schema Version	0.1.0
Parser Type	📦 Union (schema-level)
Parser Version	0.1.1 (version history)
Last Updated	Feb 23, 2022
Source File	Parsers\ASimProcessEvent\Parsers\ASimProcessEventTerminate.yaml

Description

This ASIM parser supports normalizing process terminate event logs from all supported sources to the ASIM ProcessEvent normalized schema.

Products

This union parser includes parsers for the following products:

Product	Source Parser	Solutions
Microsoft Defender for IoT	_ASim_ProcessEvent_MD4IoT
Microsoft 365 Defender for endpoint	_ASim_ProcessEvent_Microsoft365D
Native	_ASim_ProcessEvent_Native	SynqlyIntegrationConnector VMware Carbon Black Cloud
Sysmon for Linux	_ASim_ProcessEvent_TerminateLinuxSysmon	Syslog
Security Events	_ASim_ProcessEvent_TerminateMicrosoftSecurityEvents	Windows Security Events
Microsoft Windows Events Sysmon	_ASim_ProcessEvent_TerminateMicrosoftSysmon
Security Events	_ASim_ProcessEvent_TerminateMicrosoftWindowsEvents	Windows Forwarded Events
VMware Carbon Black Cloud	_ASim_ProcessEvent_TerminateVMwareCarbonBlackCloud

References

• ASIM Process Schema
• ASIM

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to ASIM Index