The Devo Parser is one of the secret spices of our unique Hyperstream technology. The Parsers organize raw events stored in tags in different columns and display them in the corresponding tables. This method completely bypasses data indexing and contributes to Devo’s amazing search speeds. Every data source is unique, so we have a great catalog of existing parsers. Our teams review parser performance, build new parsers and update parsers on a regular basis. This article covers all the updated and new parsers available this month. If you require a new parser, please open a support ticket through the support portal located here. You can also visit the new Resources Portal, a single page for all your customer resources!
Table of Contents
Updated Parsers
network.citrix
- Fixes
- Added a fix to parse user info from the logs:
- network.citrix.adc.aaatm
- network.citrix.adc.aaa
- Added a fix to parse user info from the logs:
auth.all
- Improvements
- Updated mappings in auth.all union
firewall.barracuda
- Fixes
- Fixed parsing issue causing log data to be parsed in the wrong fields:
- firewall.barracuda.threat
- Fixed parsing issue causing log data to be parsed in the wrong fields:
cloud.office365
- Added
- Added new field:
- cloud.office365.management.quarantine
- Added new field:
firewall.cisco
- Improvements
- Updated parsing rules to parse new log types:
- firewall.cisco.asa
- Updated parsing rules to parse new log types:
firewall.sophos
- Improvements
- Added new fields to firewall.all.traffic union and fixed rules in firewall.sophos.xgfirewall.firewall to parse tran_src_port and tran_dst_port:
- firewall.sophos.xgfirewall.firewall
- firewall.all.traffic
- Added new fields to firewall.all.traffic union and fixed rules in firewall.sophos.xgfirewall.firewall to parse tran_src_port and tran_dst_port:
firewall.watchguard
- Improvements
- Added and fixed rules to parse newer types of logs:
- firewall.watchguard.event
- Added and fixed rules to parse newer types of logs:
adn.f5
- Improvements
- Added rules to parse newer types of logs:
- adn.f5.bigip.apm
- Added rules to parse newer types of logs: