Open source parsers


We created some open source parsers for Logstash, customized for some common software products (Symantec, CarbonBlack etc.):

I would love to hear your opinions - how useful could these be for security analysts?

The intent here is to save time-consuming and tricky work of "deciphering" the data in log chunks. The logic uses Grok, MITRE and maps to ECS.

Thanks :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.