История

Robert Jaakke f3dc77f112 [Chore] Changed name to ASimDisabledParsers plural		2021-11-25 10:37:56 +01:00
..
ASimDisabledParsers.json	[Chore] Changed name to ASimDisabledParsers plural	2021-11-25 10:37:56 +01:00
ASimSourceType.json	Watchlists deploy buttons	2021-10-19 09:34:48 +03:00
readme.md	Rename product	2021-11-03 10:40:18 +02:00

readme.md

ASIM Watchlists

Use this page to ASIM Watchlists.

The Advanced Sentinel Information Mode (ASIM) enables you to use and create source-agnostic content, simplifying your analysis of the data in your Advanced Sentinel workspace.

Included watchlists:

Source Type: Use this watchlist to configure source machines identifying a source type. This watchlist is currenlty used by the Infoblox ASIM parser.
Parser Exclusion: Use this watchlist to exclude built-in source specific parsers from source agnostic parsers, without editing parsers.

For more information, see:

Normalization and the Advanced SIEM Information Model (ASIM)

Watchlist	Deploy
Source Types
Parser Exclusion