In this section, we'll introduce the following concepts:
📄️ Record Processing Pipeline
How CSE transforms incoming raw messages into Records.
Learn about CSE schema attributes.
📄️ Mappable Attributes
Learn what CSE schema attributes you can map to Records.
📄️ Record Types
Learn about the Record types to which you can map schema attributes.
📄️ Parsing Language Reference
Parsing is the first step in the Cloud SIEM Enterprise (CSE) Record processing pipeline
📄️ Log Mapping
Learn how to create a log mapping for structured messages.
📄️ Normalized Classification
Learn about CSE's Normalized Classification Fields, schema fields that have an enforced output defined by CSE.
📄️ Field Mappings
Learn how to set up field mappings for messages that you want to be processed by CSE's normalized threat rules.
📄️ Parser Editor
Learn how to use the Parser Editor to configure and test a custom parser.
📄️ Username and Hostname Normalization
Learn about how CSE normalizes usernames and hostnames during mapping and parsing.