Required Event Type Fields

Welcome to Exabeam Security Content
- Security Content in the Legacy Structure
What is Security Content?
- The Security Content Pipeline
- The Content Library
Understanding the Log
- Do You Need a Parser?
  - Parsing for Data Lake
  - Parsing for Advanced Analytics
- Log Process Example
Exabeam Parsers
Exabeam Event Building
Exabeam Enrichment
Exabeam Persistence and Templates
Exabeam Models
Exabeam Rules

An event type's required fields ensure that an event has the minimum set of meaningful data for other components to process.

Components, like rules, machine learning algorithms, and Smart Timelines™, need a few basic data points to properly process an event. To ensure that an event contains these data points, Event Builder creates an event from a log only if that log contains the required data for a specific event type.

For example, the process-created event type has a process_name required field. To create an process-created event, a log must contain information about the process name.

Security ContentExabeam Security Content in the Legacy Structure

Table of ContentsTable of Contents

Required Event Type Fields