Jump to Content
Home
Guides
Recipes
API Reference
Changelog
Discussions
v1.0
Log In
Guides
Log In
Moon (Dark Mode)
Sun (Light Mode)
v1.0
Home
Guides
Recipes
API Reference
Changelog
Discussions
Alerts
Search
Documentation
Administration
User Management
Adding a User
Deleting and Disabling a User
Managing Roles
Audit
Access Tokens
Audit
On Premise Collectors
Adding a Collector
Collector Login
Install VMware version of the Collector
VMware OVA Images
Data Collection
Establishing the Collection Structure
Adding Data Sources
Creating a Processor
Adding a Processor to the Route
Data Sinks (Egress)
Platform Configuration
Reconfiguring a Data Source
Debugging and Editing a Parser (Processor)
Changing the Storage
Changing the Flow
HTTPs Event Collector (HEC)
Using Collectors
Cloud Collector
Remote (Virtual) Collector
Collector Login
VM Installation
VMWare OVA Images
Data Storage
Plugins and Integrations
Amazon Web Services (AWS) Integrations
Amazon S3 (w/ SQS)
AWS CloudTrail
AWS CloudTrail (Manual)
AWS GuardDuty
AWS Kinesis
Azure EventHubs
DUO
Email Audit and Protection
Mimecast
Proofprint
Endpoint Management
Bitdefender
Crowdstrike Falcon
SentinelOne
Google Workspace
System Notification Export
Slack
PagerDuty
ServiceNow
Microsoft (via OAuth)
Office365 Audit API
Office365 ResourceWatch
AzureAD (Entra ID) Audit
Cloud Network Services
Cisco Umbrella (OpenDNS)
LDAP
Supported Devices/Products Matrix
Data Analysis (Event Watch)
Notable Events
Creating a Rule
1. Describing the Rule
2. Selection of Data
3. Categorization of Rule
4. Tracking Stateful Properties
Entity Information Lists
Managing Rules
Alerts
Actions (Raw Audit)
What is an Audit Log
Creating an Action
Risk Scoring
Notification Workflow
1. Overview Summary
2. Behavioral Summary (Case)
3. Behavior Timeline
4. Investigation
Reports
Metrics
Cookbooks
Reports
EventIngress
BehaviorSummary
LoadResources_AD
Office365_UserActivityInvestigation
AzureAD_Logins
Parsers
Bitdefender
Cisco Meraki
Fortigate Firewall
Linux Server
PaloAlto Firewall
Passthrough
Peplink Device
SentinelOne
SentinelOne Cloud Funnel
Sophos UTM
Sonicwall Firewall
Sonicwall VPN
Time Adjustment
Windows NXLog
Zimperium
Fluency Processing Language
Operators
Data Types
String Functions
String Conditions
Array Functions
Map Functions
JSON Functions
Table Functions
Blob Functions
Control Blocks
Functions
Utility Functions
Environment Functions
Global Conditions
Global Functions
Parse Functions
Time Functions
Functions
Print Functions
How to write RegEx Pattern parsers for Fluency SIEM
Getting Regex From ChatGPT
Powered by
Alerts
Suggest Edits
Updated 8 months ago