• Home
>
• Resources
>
• Data Sheet

Working with Context and Parsing in Log Stream

Data Sheet

EDU-3220

After finishing this course, you’ll have the skills and knowledge needed to use Context Management to create, collect, and maintain context in the Exabeam Security Operations Platform. You’ll also learn how to inject these New-Scale context tables into Advanced Analytics and Data Lake. Next, you’ll explore the relationship between the Unified Ingestion Pipeline and the Log Stream application, specifically the roles of parsers, event builders, and enrichers on the data flow.

The hands-on lab exercises will give you practice creating and populating context tables from CSV files and Active Directory, as well as custom dynamic context tables filtered from Active Directory attributes. After identifying unparsed log data in Search, you’ll use Parser Management in Log Stream to build a custom parser with conditional event builders. Finally, you’ll explore the Live Tail application and use it to further customize your new parser and validate the results.