Hi
I'm trying to understand what are the default parsers actually doing mapping wise and looking for relevant documentation
So far I found this
https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers
which lists the supported products
but its not as detailed as this
https://cloud.google.com/chronicle/docs/preview/default-parsers
which explains in detail whats going on in the mapping
Any idea where to find a full listing like in the second link for all the supported products?
Thanks
Page 1 / 1
This is probably your best bet for the parsers that aren’t comprehensively documented. I haven’t played around with it myself though:
https://medium.com/@thatsiemguy/understanding-chronicle-parsers-with-visualization-4ff79f674323
Much appreciated Ion
@ion_
So when looking at the settings tab in your instance you see a tab for parsers right?
I don’t, i’ve requested access but haven’t heard back
Its a preview feature currently
I can enable your tenant for the Parser Management preview as long as it's not partner managed. Can you drop me an email with your tenant name?
licata@google.com
This has been enabled for our tenant, thank you
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.