[go: up one dir, main page]
This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question
Tonio
Bronze 4
Bronze 4
Since ‎03-06-2023
yesterday

My Stats

  • 10 Posts
  • 0 Solutions
  • 5 Likes given
  • 5 Likes received

Tonio's Bio

Badges Tonio Earned

View all badges

Recent Activity

Sharepoint parser or not?

Monday
Hello everybody!A client requested to inject "Sharepoint" into their SIEM instance so, as usual, the first thing I have done was to check with the supported log type list. Here I can find, as supporter but not available: "Microsoft SharePoint - SHARE...

Is there any SiemplifyAction library classes/objects list?

2 weeks ago
Hello everyone,I am trying to develop a new integration/action, and from the IDE documentation I see the 'SiemplifyAction' library, much useful to extrapolate and work with info from the case/alerts. From these pages I see details on its modules but ...

Parsing CEF format or other fields containing separator character within

04-10-2024
Hello everyone,I am having a quite hard time trying to parse a MalwareByte logs in CEF + KV format, since the kv pairs are separated by a simple space and several values contains spaces as well. Here a (reconstructed) example: <13>Apr 8 14:59:06 cerc...

Parser validation random responses??

03-26-2024
Hello everyone,I am in the process of finalizing a parser, trying to debug the validation errors I recive when adding themutate {merge => {"@output" => session "event"}} Here I encountered a strange behavior of the response: it keeps changing, even t...
Likes from