In this course, you will learn how to create parsers to extend the integration capability of FortiSIEM to a wider range of devices and custom applications. You will learn how parsers recognize the type of device or application that sent the data, extract and save key information from the log, and map the device type and log information to an event type.

Agenda:
1. Introduction
2. Regular Expressions
3. Event Format Recognizers
4. Parsing Instructions
5. Switch-Case Constructs
6. Custom CMDB Event Types
7. Choose-When Constructs
8. Key Value Pair Logs
9. Value List Logs
10. Advanced Features

This kit is not part of the NSE certification program. It includes:
• FortiSIEM Parser Study Guide
• FortiSIEM Parser Lab Guide (It does not include access to the lab environment. Lab time must be purchased separately.)