

Does anyone here know of any resources for UDM parsing apart from the official reference documentation? The docs are fine for what they are, showing you *how*, but Google doesn't seem to have very good training on teaching you *why*. I'm just trying to find any kind of tutorial (blog, YouTube video, webinar, etc.) that starts with the fundamental elements of a parser/extension at a high level and walks you through it start to finish.


https://cloud.google.com/chronicle/docs/event-processing/parsing-overview is pretty good



Else, my blog on the topic of parsing is available here - https://medium.com/@thatsiemguy/parsing-101-best-practices-tips-c2e8b7ce9db8



The training has a ~20 minute video on parsing too, under SIEM - https://learn.chronicle.security/



Thank you sir, much appreciated

