Skip to main content
Question

Team Viewer Outgoing Connection Ingestion

  • August 19, 2025
  • 1 reply
  • 37 views
horongshen
Forum|alt.badge.img+1

There is a prebuilt parser in SecOps SIEM. This particular parser is made for Team Viewer audit events. Is there anyone who have managed to build their own parser where it is used for Team Viewer Outgoing Connection?  

 

Please be informed audit events for Team Viewer are only applicable for events from:
https://www.teamviewer.com/en/global/support/knowledge-base/teamviewer-tensor-classic/security/auditability-event-log/

 

The ones which i require help on the parsing is for Outgoing Connection:

https://www.teamviewer.com/en/global/support/knowledge-base/teamviewer-classic/remote-control/out-of-session-features/connection-reports/

 

Much appreciated for any guidance. 

 

Thank you.

1 reply

kentphelps
Staff
Forum|alt.badge.img+11
  • kentphelps
  • Staff
  • August 21, 2025

You will need to build a custom parser for TeamViewer outgoing connection reports in Google SecOps. The prebuilt parser is designed specifically for TeamViewer audit events from the Tensor platform, which are different from the connection reports you're looking to ingest.

Take a look here for how to get started:
Manage prebuilt and custom parsers

AbdElHafez
Terms & ConditionsCookie settingsAccessibility statement
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.