Skip to main content

Cloud SIEM Schema

This guide has information about Cloud SIEM schemas. In this section, we'll introduce the following concepts:

icon

Record Processing Pipeline

Learn how Cloud SIEM transforms incoming raw messages into Records.

icon

Cloud SIEM Schema Attributes

Learn about Cloud SIEM schema attributes.

icon

Mappable Attributes

Learn what Cloud SIEM schema attributes you can map to Records.

icon

Record Types

Learn about the Record types to which you can map schema attributes.

icon

Parsing Language Reference

Parsing is the first step in the Cloud SIEM Record processing pipeline.

icon

Log Mapping

Learn how to create a log mapping for structured messages.

icon

Normalized Classification

Set up schema fields with an enforced, Cloud SIEM-defined output.

icon

Field Mappings

Set up field mappings for messages that you want to be processed by Cloud SIEM's normalized threat rules.

icon

Parser Editor

Learn how to use the Parser Editor to configure and test a custom parser.

icon

Username and Hostname Normalization

Learn how to import YARA rules from GitHub into Cloud SIEM.

icon

Parser Troubleshooting

Learn how to troubleshoot problems with parsers.

Edit this page
Last updated on by John Pipkin (Sumo Logic)
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.