Cloud SIEM Schema
This guide has information about Cloud SIEM schemas. In this section, we'll introduce the following concepts:
![Flow diagram icon](/img/icons/operations/schema.png)
Record Processing Pipeline
Learn how Cloud SIEM transforms incoming raw messages into Records.
![Flow diagram icon](/img/icons/operations/schema.png)
Cloud SIEM Schema Attributes
Learn about Cloud SIEM schema attributes.
![Flow diagram icon](/img/icons/operations/schema.png)
Mappable Attributes
Learn what Cloud SIEM schema attributes you can map to Records.
![Flow diagram icon](/img/icons/operations/schema.png)
Record Types
Learn about the Record types to which you can map schema attributes.
![Flow diagram icon](/img/icons/operations/schema.png)
Parsing Language Reference
Parsing is the first step in the Cloud SIEM Record processing pipeline.
![Flow diagram icon](/img/icons/operations/schema.png)
Log Mapping
Learn how to create a log mapping for structured messages.
![Flow diagram icon](/img/icons/operations/schema.png)
Normalized Classification
Set up schema fields with an enforced, Cloud SIEM-defined output.
![Flow diagram icon](/img/icons/operations/schema.png)
Field Mappings
Set up field mappings for messages that you want to be processed by Cloud SIEM's normalized threat rules.
![Flow diagram icon](/img/icons/operations/schema.png)
Parser Editor
Learn how to use the Parser Editor to configure and test a custom parser.
![Flow diagram icon](/img/icons/operations/schema.png)
Username and Hostname Normalization
Learn how to import YARA rules from GitHub into Cloud SIEM.
![Flow diagram icon](/img/icons/operations/schema.png)
Parser Troubleshooting
Learn how to troubleshoot problems with parsers.