This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

UDM parsing outside of Chronicle

Posted on 06-08-2023 12:56 PM
AbdulNC
New Member
Reply posted on --/--/---- --:-- AM

Hey Team,

I'm looking for a way to parse raw logs outside of Chronicle to UDM, does something like that exist? or will we need to make something in-house

0 2 377
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Gal_Polak1
New Member
Reply posted on --/--/---- --:-- AM

Hi @Abdul_Noorudeen , you can take a look here https://cloud.google.com/chronicle/docs/reference/ingestion-api#udmevents. It enables a customer to create a direct UDM object as JSON.

Here you can check some python API examples - https://github.com/chronicle/api-samples-python/blob/master/ingestion/create_udm_events.py

0 Likes

Posted on --/--/---- --:-- AM
alikapucu
Staff
Reply posted on --/--/---- --:-- AM

Hello @AbdulNC  You can leverage https://apps.chronicle.security/partner-tools/

 

Top Solution Authors
View all