Skip to main content

Cloud SIEM Schema

This guide has information about Cloud SIEM schemas. In this section, we'll introduce the following concepts:

Flow diagram icon

Record Processing Pipeline

Learn how Cloud SIEM transforms incoming raw messages into Records.

Flow diagram icon

Cloud SIEM Schema Attributes

Learn about Cloud SIEM schema attributes.

Flow diagram icon

Mappable Attributes

Learn what Cloud SIEM schema attributes you can map to Records.

Flow diagram icon

Record Types

Learn about the Record types to which you can map schema attributes.

Flow diagram icon

Parsing Language Reference

Parsing is the first step in the Cloud SIEM Record processing pipeline.

Flow diagram icon

Log Mapping

Learn how to create a log mapping for structured messages.

Flow diagram icon

Normalized Classification

Set up schema fields with an enforced, Cloud SIEM-defined output.

Flow diagram icon

Field Mappings

Set up field mappings for messages that you want to be processed by Cloud SIEM's normalized threat rules.

Flow diagram icon

Parser Editor

Learn how to use the Parser Editor to configure and test a custom parser.

Flow diagram icon

Username and Hostname Normalization

Learn how to import YARA rules from GitHub into Cloud SIEM.

Flow diagram icon

Parser Troubleshooting

Learn how to troubleshoot problems with parsers.

Edit this page
Last updated on by John Pipkin (Sumo Logic)
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2024 by Sumo Logic, Inc.