Security ContentExabeam How Content Works Guide

Table of Contents

Introduction to How Content Works

These topics will help you understand the following Exabeam content areas:

  • Understanding the Log

    • When to parse ingested logs in Data Lake and Advanced Analytics

    • Information that is provided in a log and the minimal critical fields

    • Mapping a log to an Exabeam event

    • Example log process

  • Parsers

    • Associating a log with a parser

    • Extracting values using regular expressions

    • Parser parameter definition

    • Testing a parser on Advanced Analytics

  • Event Building

    • Matching parsers to event builders

    • Event builder configurations

    • Event stitching

  • Enrichment

    • Types of enrichment

    • Enrichment use cases

    • Event enricher configurations

  • Models

    • Types of models

    • Model attributes

    • Model categories

  • Rules

    • Types of rules

    • Creating rules

    • Rule attributes