## Change

The following supported default parsers have changed. Each is listed by product name and `log_type` value, if applicable.

* AIX system (`AIX_SYSTEM`)
* Arcsight CEF (`ARCSIGHT_CEF`)
* Arista Switch (`ARISTA_SWITCH`)
* Aruba (`ARUBA_WIRELESS`)
* Aruba Switch (`ARUBA_SWITCH`)
* Attivo Networks (`ATTIVO`)
* AWS Cloudtrail (`AWS_CLOUDTRAIL`)
* AWS Control Tower (`AWS_CONTROL_TOWER`)
* AWS Elastic Load Balancer (`AWS_ELB`)
* AWS WAF (`AWS_WAF`)
* Azure AD (`AZURE_AD`)
* Azure AD Directory Audit (`AZURE_AD_AUDIT`)
* Azure AD Organizational Context (`AZURE_AD_CONTEXT`)
* Azure Application Gateway (`AZURE_GATEWAY`)
* Azure Storage Audit (`AZURE_STORAGE_AUDIT`)
* Azure WAF (`AZURE_WAF`)
* Barracuda Firewall (`BARRACUDA_FIREWALL`)
* BeyondTrust Endpoint Privilege Management (`BEYONDTRUST_ENDPOINT`)
* BigQuery (`N/A`)
* Blue Coat Proxy (`BLUECOAT_WEBPROXY`)
* Brocade Switch (`BROCADE_SWITCH`)
* Check Point (`CHECKPOINT_FIREWALL`)
* Cisco ASA (`CISCO_ASA_FIREWALL`)
* Cisco Firepower NGFW (`CISCO_FIREPOWER_FIREWALL`)
* Cisco FireSIGHT Management Center (`CISCO_FIRESIGHT`)
* Cisco Internetwork Operating System (`CISCO_IOS`)
* Cisco ISE (`CISCO_ISE`)
* Cisco Meraki (`CISCO_MERAKI`)
* Cisco VPN (`CISCO_VPN`)
* Cisco WLC/WCS (`CISCO_WIRELESS`)
* Citrix Netscaler (`CITRIX_NETSCALER`)
* Claroty Enterprise Management Console (`CLAROTY_EMC`)
* Cloud Audit Logs (`N/A`)
* Cloud Intrusion Detection System (`GCP_IDS`)
* Corelight (`CORELIGHT`)
* CrowdStrike Detection Monitoring (`CS_DETECTS`)
* CrowdStrike Falcon (`CS_EDR`)
* CyberArk (`CYBERARK`)
* Cyberark Privilege Cloud (`CYBERARK_PRIVILEGE_CLOUD`)
* Cybergatekeeper NAC (`CYBERGATEKEEPER_NAC`)
* Darktrace (`DARKTRACE`)
* Dell ECS Enterprise Object Storage (`DELL_ECS`)
* Dell Switch (`DELL_SWITCH`)
* Elastic Packet Beats (`ELASTIC_PACKETBEATS`)
* ESET (`ESET_EDR`)
* ESET AV (`ESET_AV`)
* F5 Advanced Firewall Management (`F5_AFM`)
* F5 ASM (`F5_ASM`)
* F5 BIGIP LTM (`F5_BIGIP_LTM`)
* FireEye HX (`FIREEYE_HX`)
* FireEye NX Audit (`FIREEYE_NX_AUDIT`)
* Firewall Rule Logging (`N/A`)
* Forcepoint DLP (`FORCEPOINT_DLP`)
* Forescout NAC (`FORESCOUT_NAC`)
* Forgerock OpenIdM (`FORGEROCK_OPENIDM`)
* FortiGate (`FORTINET_FIREWALL`)
* Fortinet FortiAnalyzer (`FORTINET_FORTIANALYZER`)
* Fortra Powertech SIEM Agent (`FORTRA_POWERTECH_SIEM_AGENT`)
* Cloud NAT (`N/A`)
* GCP_SWP (`GCP_SWP`)
* Gitlab (`GITLAB`)
* GMAIL Logs (`GMAIL_LOGS`)
* GMV Checker ATM Security (`GMV_CHECKER`)
* Guardicore Centra (`GUARDICORE_CENTRA`)
* HPE BladeSystem C7000 (`HPE_BLADESYSTEM_C7000`)
* HYPR MFA (`HYPR_MFA`)
* IBM AS/400 (`IBM_AS400`)
* IBM DS8000 Storage (`IBM_DS8000`)
* IBM Guardium (`GUARDIUM`)
* IBM Tape Storages (`IBM_LTO`)
* IBM Tivoli (`IBM_TIVOLI`)
* IBM-i Operating System (`IBM_I`)
* Illumio Core (`ILLUMIO_CORE`)
* Imperva (`IMPERVA_WAF`)
* Imperva Advanced Bot Protection (`IMPERVA_ABP`)
* Imperva SecureSphere Management (`IMPERVA_SECURESPHERE`)
* Infoblox (`INFOBLOX`)
* ION Spectrum (`ION_SPECTRUM`)
* Ipswitch MOVEit Transfer (`IPSWITCH_MOVEIT_TRANSFER`)
* Jamf Protect Alerts (`JAMF_PROTECT`)
* Jamf Protect Telemetry (`JAMF_TELEMETRY`)
* Juniper Junos (`JUNIPER_JUNOS`)
* Juniper MX Router (`JUNIPER_MX`)
* Kubernetes Node (`KUBERNETES_NODE`)
* LastPass Password Management (`LASTPASS`)
* Linux Auditing System (AuditD) (`AUDITD`)
* McAfee Enterprise Security Manager (`MCAFEE_ESM`)
* Medigate IoT (`MEDIGATE_IOT`)
* Microsoft AD (`WINDOWS_AD`)
* Microsoft Azure Activity (`AZURE_ACTIVITY`)
* Microsoft Defender for Endpoint (`MICROSOFT_DEFENDER_ENDPOINT`)
* Microsoft Defender for Identity (`MICROSOFT_DEFENDER_IDENTITY`)
* Microsoft Exchange (`EXCHANGE_MAIL`)
* Microsoft Graph API Alerts (`MICROSOFT_GRAPH_ALERT`)
* Microsoft IAS Server (`MICROSOFT_IAS`)
* Microsoft Intune (`AZURE_MDM_INTUNE`)
* Microsoft SQL Server (`MICROSOFT_SQL`)
* Mongo Database (`MONGO_DB`)
* Netscout Arbor Sightline (`ARBOR_SIGHTLINE`)
* Netskope Web Proxy (`NETSKOPE_WEBPROXY`)
* NGFW Enterprise (`GCP_NGFW_ENTERPRISE`)
* Office 365 (`OFFICE_365`)
* Office 365 Message Trace (`OFFICE_365_MESSAGETRACE`)
* Opengear Remote Management (`OPENGEAR`)
* Oracle (`ORACLE_DB`)
* OSQuery (`OSQUERY_EDR`)
* OSSEC (`OSSEC`)
* Palo Alto Cortex XDR Alerts (`CORTEX_XDR`)
* Palo Alto Networks Firewall (`PAN_FIREWALL`)
* Palo Alto Prisma Cloud (`PAN_PRISMA_CLOUD`)
* PerimeterX Bot Protection (`PERIMETERX_BOT_PROTECTION`)
* Phishlabs (`PHISHLABS`)
* Proofpoint Tap Alerts (`PROOFPOINT_MAIL`)
* Pulse Secure (`PULSE_SECURE_VPN`)
* Riverbed Steelhead (`STEELHEAD`)
* RSA SecurID Access Identity Router (`RSA_SECURID`)
* SAP SM20 (`SAP_SM20`)
* SAP SuccessFactors (`SAP_SUCCESSFACTORS`)
* SAP Webdispatcher (`SAP_WEBDISP`)
* Security Command Center Posture Violation (`GCP_SECURITYCENTER_POSTURE_VIOLATION`)
* Security Command Center Threat (`N/A`)
* Security Command Center Toxic Combination (`GCP_SECURITYCENTER_TOXIC_COMBINATION`)
* Sentinelone Alerts (`SENTINELONE_ALERT`)
* SentinelOne EDR (`SENTINEL_EDR`)
* SentinelOne Singularity Cloud Funnel (`SENTINELONE_CF`)
* Snare System Diagnostic Logs (`SNARE_SOLUTIONS`)
* Solaris system (`SOLARIS_SYSTEM`)
* SonicWall (`SONIC_FIREWALL`)
* Sonicwall Secure Mobile Access (`SONICWALL_SMA`)
* Splunk Platform (`SPLUNK`)
* Squid Web Proxy (`SQUID_WEBPROXY`)
* Suricata EVE (`SURICATA_EVE`)
* Suricata IDS (`SURICATA_IDS`)
* Swift Alliance Messaging Hub (`SWIFT_AMH`)
* Symantec CloudSOC CASB (`SYMANTEC_CASB`)
* Symantec DLP (`SYMANTEC_DLP`)
* Tenable OT (`TENABLE_OT`)
* Tetragon Ebpf Audit Logs (`TETRAGON_EBPF_AUDIT_LOGS`)
* Trellix HX Event Streamer (`TRELLIX_HX_ES`)
* Trend Micro (`TIPPING_POINT`)
* Trend Micro Cloud one (`TRENDMICRO_CLOUDONE`)
* Trend Micro Deep Security (`TRENDMICRO_DEEP_SECURITY`)
* TrendMicro Apex Central (`TRENDMICRO_APEX_CENTRAL`)
* TrendMicro Web Proxy (`TRENDMICRO_WEBPROXY`)
* Unifi AP (`UNIFI_AP`)
* Unix system (`NIX_SYSTEM`)
* Vectra Detect (`VECTRA_DETECT`)
* VeridiumID by Veridium (`VERIDIUM_ID`)
* VPC Flow Logs (`GCP_VPC_FLOW`)
* Windows Defender ATP (`WINDOWS_DEFENDER_ATP`)
* Windows DNS (`WINDOWS_DNS`)
* Windows Event (`WINEVTLOG`)
* Windows Event (XML) (`WINEVTLOG_XML`)
* Windows Network Policy Server (`WINDOWS_NET_POLICY_SERVER`)
* Windows Sysmon (`WINDOWS_SYSMON`)
* Workspace Activities (`WORKSPACE_ACTIVITY`)
* Workspace Alerts (`WORKSPACE_ALERTS`)
* Workspace ChromeOS Devices (`WORKSPACE_CHROMEOS`)
* Workspace Groups (`WORKSPACE_GROUPS`)
* Workspace Mobile Devices (`WORKSPACE_MOBILE`)
* Workspace Privileges (`WORKSPACE_PRIVILEGES`)
* Workspace Users (`WORKSPACE_USERS`)
* YAMAHA ROUTER RTX1200 (`YAMAHA_ROUTER`)
* Zeek JSON (`BRO_JSON`)
* Zimperium (`ZIMPERIUM`)
* Zscaler (`ZSCALER_WEBPROXY`)
* Zscaler CASB (`ZSCALER_CASB`)
* ZScaler NGFW (`ZSCALER_FIREWALL`)

The following log types, without a default parser, were added. Each is listed by product name and `log_type` value, if applicable.

* Adaxes (`ADAXES`)
* Air Table (`AIR_TABLE`)
* Alert Enterprise Guardian (`ALERT_GUARDIAN`)
* Amavis (`AMAVIS`)
* Atlassian Beacon (`ATLASSIAN_BEACON`)
* Banner dd (`BANNER_DD`)
* BetterStack Uptime (`BETTERSTACK_UPTIME`)
* BloodHound (`BLOODHOUND`)
* Core Privileged Access Manager (BoKS) (`BOKS`)
* Cisco Secure Access (`CISCO_SECURE_ACCESS`)
* Cleafy (`CLEAFY`)
* Clear Bank Portal Audit (`CLEARBANK_PORTAL`)
* CloudBees (`CLOUDBEES`)
* Comforte SecurDPS (`COMFORTE_SECURDPS`)
* Control Plane (`CONTROL_PLANE`)
* Corrata (`CORRATA`)
* Cubist Audit (`CUBIST_AUDIT`)
* C Zentrix (`C_ZENTRIX`)
* DefectDojo (`DEFECTDOJO`)
* Dmarcian (`DMARCIAN`)
* DocuSign (`DOCUSIGN`)
* Duo Activity Logs (`DUO_ACTIVITY`)
* E2 Guardian (`E2_GUARDIAN`)
* Egress Defend (`EGRESS_DEFEND`)
* Egress Prevent (`EGRESS_PREVENT`)
* Emsisoft AntiVirus (`EMSISOFT_ANTIVIRUS`)
* F5 System Logs (`F5_SYSTEM_LOGS`)
* Fastly CDN (`FASTLY_CDN`)
* FireEye CMS (`FIREEYE_CMS`)
* Forcepoint Mail Relay (`FORCEPOINT_MAIL_RELAY`)
* Google Ads (`GOOGLE_ADS`)
* H3C Comware Platform Switch
* Halcyon Anti Ransomware (`HALCYON`)
* Halo (`HALO`)
* HP Poly (`HP_POLY`)
* Huawei CloudEngine (`HUAWEI_CLOUDENGINE`)
* Intruder.IO (`INTRUDER_IO`)
* Ivanti Connect Secure (`IVANTI_CONNECT_SECURE`)
* Keyfactor (`KEYFACTOR`)
* Kyverno (`KYVERNO`)
* LaunchDarkly (`LAUNCH_DARKLY`)
* LeanIX Enterprise (`LEANIX`)
* Leanix CMDB (`LEANIX_CMDB`)
* Lucid (`LUCID`)
* Lumeta Spectre (`LUMETA`)
* ManageEngine Asset Explorer (`MANAGE_ENGINE_ASSET_EXPLR`)
* ManageEngine Endpoint Central (`MANAGE_ENGINE_ENDPT_CNTRL`)
* Mandiant Digital Threat Monitoring (`MANDIANT_DTM_ALERTS`)
* Manhattan Warehouse Management System (`MANHATTAN_WMS`)
* Mend IO (`MEND_IO`)
* Meta Marketing (`META_MARKETING`)
* Miasma SecretScanner (`MIASMA_SECRETSCANNER`)
* Microsoft Ads (`MICROSOFT_ADS`)
* Microsoft Purview (`MICROSOFT_PURVIEW`)
* ModSecurity (`MODSECURITY`)
* Netapp Storagegrid (`NETAPP_STORAGEGRID`)
* NetBrain (`NETBRAIN`)
* Netenrich Entity Context (`NETENRICH_ENTITY_CONTEXT`)
* Netwrix Activity Monitor (`NETWRIX_ACTIVITY_MONITOR`)
* Netwrix Stealth Intercept (`NETWRIX_STEALTH_INTERCEPT`)
* Netwrix Threat Manager (`NETWRIX_THREAT_MANAGER`)
* Nexus Sonatype (`NEXUS_SONATYPE`)
* Oracle Fusion (`ORACLE_FUSION`)
* PAGELY (`PAGELY`)
* Palantir (`PALANTIR`)
* Proofpoint Meta (`PROOFPOINT_META`)
* Qumulo FS (`QUMULO_FS`)
* Radware Alteon (`RADWARE_ALTEON`)
* SailPoint IdentityIQ (`SAILPOINT_IIQ`)
* Sentinelone Activity (`SENTINELONE_ACTIVITY`)
* Siga Level Zero OT Resilience (`SIGA`)
* Site24x7 (`SITE24X7`)
* Winevtlog Snare (`SNARE_WINEVTLOG`)
* Solar System (`SOLAR_SYSTEM`)
* Stealthbits DLP (`STEALTHBITS_DLP`)
* Symantec VIP Authentication Hub (`SYMANTEC_VIP_AUTHHUB`)
* Temenos Journey Manager System Event Publisher (`TEMENOS_MANAGER_SYSTEMEVENT`)
* Teradata Aster (`TERADATA_ASTER`)
* Tiktok for Developers (`TIKTOK`)
* Transmit BindID (`TRANSMIT_BINDID`)
* Trend Micro Vision One Audit (`TRENDMICRO_VISION_ONE_AUDIT`)
* Trend Micro Vision One Observerd Attack Techniques (`TRENDMICRO_VISION_ONE_OBSERVERD_ATTACK_TECHNIQUES`)
* Trend Micro Vision One Workbench (`TRENDMICRO_VISION_ONE_WORKBENCH`)
* TrueNAS (`TRUENAS`)
* E-Motional Transparent Screen Lock TSL RFID (`TSL_PRO`)
* UPX AntiDDoS (`UPX_ANTIDDOS`)
* Verba Recording System (`VERBA_REC`)
* Vercara (`VERCARA`)
* Veza Access Control Platform (`VEZA`)
* Web Methods Api Gateway (`WEBMETHODS_API_GATEWAY`)

For a list of supported log types and details about default parser changes, see [Supported log types and default parsers](https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers).