850 B
850 B
Microsoft Windows Events ASIM parsers
This template deploys all [Microsoft Windows Event] ASIM parsers. The template is part of the Advanced SIEM Information Model (ASIM).The Advanced SIEM Information Model (ASIM) enables you to use and create source-agnostic content, simplifying your analysis of the data in your Microsoft Sentinel workspace.
For more information, see:
The template deploys the following:
- vimRegistryEventMicrosoftWindowsEvent
- vimProcessCreateMicrosoftWindowsEvents
- vimProcessTerminateMicrosoftWindowsEvents
- vimAuthenticationMicrosoftWindowsEvent