This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Difference between all Crowdstrike available Parsers

Posted on 02-09-2024 04:11 AM
TPankaj
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hi Everyone,

As per Chronicle documenation , we have 4 below pre built parsers. Would you please let me know the difference bewteen them ? I can see two parsers for the same category EDR.

 

Vendor / Product Category Ingestion label Format Latest Update

CrowdStrike Detection MonitoringEDRCS_DETECTSJSON2023-07-21
View Change
CrowdStrike FalconEDRCS_EDRJSON2023-12-22
View Change
CrowdStrike Falcon StreamAlertsCS_STREAMKV (LEEF)2022-07-18
View Change
Crowdstrike IOCIOCCROWDSTRIKE_IOCJSON2023-08-23
View Change
3 23 5,417
Topic Labels
23 REPLIES 23
Top Solution Authors
View all