Hey Team,
I'm looking for a way to parse raw logs outside of Chronicle to UDM. Does something like that exist, or will we need to make something in-house?
Hi @Abdul_Noorudeen, you can take a look here https://cloud.google.com/chronicle/docs/reference/ingestion-api#udmevents. It enables a customer to create a direct UDM object as JSON.
Here you can check some Python API examples - https://github.com/chronicle/api-samples-python/blob/master/ingestion/create_udm_events.py
Hello @AbdulNC, you can leverage https://apps.chronicle.security/partner-tools/