Does anyone here know of any resources for UDM parsing apart from the official reference documentation? The docs are fine for what they are, showing you how , but Google doesn't seem to have very good training on teaching you why . I'm just trying to find any kind of tutorial (blog, YouTube video, webinar, etc.) that starts with the fundamentals elements of a parser/extension at a high level and walks you through it start to finish.
Which resources for UDM parsing are apart from the official reference documentation?
+4
+11else my blog on the topic of parsing available here - https://medium.com/@thatsiemguy/parsing-101-best-practices-tips-c2e8b7ce9db8
+11the training has a 20~ minute video on parsing too under SIEM - https://learn.chronicle.security/
+4Thank you sir, much appreciated
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.