
The Devo Parser is one of the secret spices of our unique Hyperstream technology. Parsers organize the raw events stored in tags into columns and display them in the corresponding tables. This method completely bypasses data indexing and contributes to Devo’s amazing search speeds. Every data source is unique, so we have a great catalog of existing parsers. Our teams review parser performance, build new parsers, and update existing parsers on a regular basis. This article covers all the updated and new parsers available. If you require a new parser, please open a support ticket through the support portal located here.

 


New Parsers

box.ibm

Link to Documentation

cef0.aruba

Documentation in progress

cef0.cisco

Link to Documentation

cef0.skyhighSecurity

Link to Documentation

epm.beyondtrust

Documentation in progress

proxy.oclc

Link to Documentation

siem.devo

Documentation in progress

 

Updated Parsers

cloud.azure

Link to Documentation

edr.cisco

Link to Documentation

endpoint.symantec

Link to Documentation

firewall.all.traffic

Link to Documentation

firewall.cisco

Link to Documentation

firewall.uniper

Link to Documentation

sase.paloalto

Link to Documentation
