CrowdStrike Parsing Standard (CPS)
The standard for our data format as parsed in Next-Gen SIEM.
Next-Gen SIEM Data
CrowdStrike Parsing Standard (CPS), a starter template, and guidelines
Helpful documentation for Next-Gen SIEM.
Parser Template
Starter template and examples for writing your own parser.
event.module guidelines
A list of module names that are used in parsers for the #event.module tag.
Vendor Guidelines
A list of vendors that are used in packages for the #Vendor tag.