
Hey Community!

For those of you interested in learning about ingestion and parsing in SecOps, we have an upcoming webinar on September 9th at 7AM PST! We’ll run through live examples of everything below and provide a Q&A at the end of the session. Join us to uplevel your ingestion and parsing game or just to get a head start with some best practices. 

  • Best practices for collecting logs from diverse sources like security devices (firewalls, EDRs), cloud services (AWS, Google Cloud), and operating systems.
  • Choosing the right transport method (Bindplane, SecOps Forwarder, Cribl) and why buffering is critical for reliable data delivery.
  • Why sending logs in their original format (JSON, SYSLOG, CEF) maximizes out-of-the-box parsing success.
  • Tips for building effective custom parsers, including using AI to generate Grok patterns when needed. 
  • A look ahead at upcoming AI-powered features for automatic parsing.

 

See you online soon!
