Skip to content
Open in ChatGPT Open in Claude

Parsing Rules

May 2026

View as code (Beta)

Parsing Rules page showing rule type cards at the top and the Parsing rule groups grid below, with columns for name, rule types, application, subsystem, severities, last modified, and active status

Preview the Terraform and Kubernetes YAML representation of any saved rule group. Open from the rule list ⋮ more actions menu → View as Code. Tabs for Terraform (default) and K8s, with copy, download, search, and collapse/expand controls. Learn more

April 2024

Custom log enrichment and log normalization

Custom log enrichment is now even more intuitive — enrich logs from specific columns in your CSV file, download enriched files, and use them as data sources in DataPrime queries. Learn more

Log normalization — standardize keys for commonly occurring values across various security log types. Learn more

June 2022

Stringify and Parse JSON Field rules

Parsing Rules page showing rule type cards at the top and the Parsing rule groups grid below, with columns for name, rule types, application, subsystem, severities, last modified, and active status

New Parsing Rules — Stringify JSON Field and Parse JSON Field rules to parse escaped JSON values within a field to a valid JSON object and vice versa. Learn more

Need help? Contact Support.
What's new? Find out here.
LLM? Read llms.txt.