0 Replies Latest reply on Sep 23, 2015 7:11 PM by abhattacharjee

    Types of custom parser currently available with Nitro


      A very generic question to start with but probably asking this because of my ArcSight background.


      Anyway so far working with Nitro I understand that I can write usual regex for syslog. And even the document on "How to create a custom parser and troubleshoot" predominantly talks about creating custom rules inside "advanced syslog parser rules". I am still trying to figure out how many types of logs are supported (Ex: Single/multi file reader,XML reader, Application events from windows event viewer, custom DB parser).


      Any pointer to relevant document or pointers on the current limitations in terms of creating custom parser will immensely help.


      Thanks & Regards,

      Abhishek B