Fluency
v1.0


Documentation

  • Administration
    • User Management
      • Adding a User
      • Deleting and Disabling a User
      • Managing Roles
      • Audit
    • Access Tokens
    • Audit
    • On Premise Collectors
      • Adding a Collector
      • Collector Login
      • Install VMware version of the Collector
      • VMware OVA Images
  • Data Collection
    • Establishing the Collection Structure
      • Adding Data Sources
      • Creating a Processor
      • Adding a Processor to the Route
      • Data Sinks (Egress)
    • Platform Configuration
      • Reconfiguring a Data Source
      • Debugging and Editing a Parser (Processor)
      • Changing the Storage
      • Changing the Flow
    • HTTPs Event Collector (HEC)
    • Using Collectors
      • Cloud Collector
      • Remote (Virtual) Collector
      • Collector Login
      • VM Installation
      • VMware OVA Images
    • Data Storage
  • Plugins and Integrations
    • Amazon Web Services (AWS) Integrations
      • Amazon S3 (w/ SQS)
      • AWS CloudTrail
      • AWS CloudTrail (Manual)
      • AWS GuardDuty
      • AWS Kinesis
    • Azure EventHubs
    • DUO
    • Email Audit and Protection
      • Mimecast
      • Proofpoint
    • Endpoint Management
      • Bitdefender
      • Crowdstrike Falcon
      • SentinelOne
    • Google Workspace
    • System Notification Export
      • Slack
      • PagerDuty
      • ServiceNow
    • Microsoft (via OAuth)
      • Office365 Audit API
      • Office365 ResourceWatch
      • AzureAD (Entra ID) Audit
    • Cloud Business Software
      • Box.com Events API
    • Cloud Network Services
      • Cisco Umbrella (OpenDNS)
    • LDAP
    • Supported Devices/Products Matrix
  • Data Analysis (Event Watch)
    • Notable Events
      • Creating a Rule
        • 1. Describing the Rule
        • 2. Selection of Data
        • 3. Categorization of Rule
        • 4. Tracking Stateful Properties
        • Entity Information Lists
      • Managing Rules
      • Alerts
      • Actions (Raw Audit)
        • What is an Audit Log
        • Creating an Action
    • Risk Scoring
  • Notification Workflow
    • 1. Overview Summary
    • 2. Behavioral Summary (Case)
    • 3. Behavior Timeline
    • 4. Investigation
  • Reports
  • Metrics
  • Cookbooks
    • Reports
      • EventIngress
      • BehaviorSummary
      • LoadResources_AD
      • Office365_UserActivityInvestigation
      • AzureAD_Logins
    • Parsers
      • Bitdefender
      • Cisco Meraki
      • Fortigate Firewall
      • Linux Server
      • PaloAlto Firewall
      • Passthrough
      • Peplink Device
      • SentinelOne
      • SentinelOne Cloud Funnel
      • Sophos UTM
      • Sonicwall Firewall
      • Sonicwall VPN
      • Time Adjustment
      • Windows NXLog
      • Zimperium
  • Fluency Processing Language
    • Operators
    • Data Types
      • String Functions
      • String Conditions
      • Array Functions
      • Map Functions
      • JSON Functions
      • Table Functions
      • Blob Functions
    • Control Blocks
    • Functions
    • Utility Functions
      • Environment Functions
      • Global Conditions
      • Global Functions
      • Parse Functions
      • Time Functions
      • Functions
      • Print Functions
    • How to write RegEx Pattern parsers for Fluency SIEM
      • Getting Regex From ChatGPT
  • Replay
    • Getting Started
      • Prerequisites
      • Configuration