Skip to main content

Cloud SIEM Record Types

Each message that Cloud SIEM maps must be assigned one, and only one, Record Type. For the complete list of record types, see Schema: Record Types in the Cloud SIEM Content Catalog.

Note that it is possible for multiple mappers to match a particular log message and each create a unique Record for that message—those multiple Records can have different Record Types. It isn’t standard practice to create multiple Cloud SIEM Records from a single log message, but it is possible if there is a use case. For related information, see Attributes You Can Map to Records.

Edit this page
Last updated on by John Pipkin (Sumo Logic)
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.