
Google SecOps has updated the list of supported default parsers


## Change

Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region.

The following supported default parsers have been updated. Each parser is listed by product name and `log_type` value, where applicable. This list includes both released default parsers and pending parser updates.

* 1Password (`ONEPASSWORD`)
* A10 Load Balancer (`A10_LOAD_BALANCER`)
* Abnormal Security (`ABNORMAL_SECURITY`)
* AIX system (`AIX_SYSTEM`)
* Akamai SIEM Connector (`AKAMAI_SIEM_CONNECTOR`)
* AlgoSec Security Management (`ALGOSEC`)
* Amazon API Gateway (`AWS_API_GATEWAY`)
* Amazon VPC Transit Gateway Flow Logs (`AWS_VPC_TRANSIT_GATEWAY`)
* Apache (`APACHE`)
* Arcsight CEF (`ARCSIGHT_CEF`)
* Arista Switch (`ARISTA_SWITCH`)
* Armis Activities (`ARMIS_ACTIVITIES`)
* Aruba (`ARUBA_WIRELESS`)
* Aruba Switch (`ARUBA_SWITCH`)
* Attivo Networks (`ATTIVO`)
* Auth0 (`AUTH_ZERO`)
* AWS Aurora (`AWS_AURORA`)
* AWS CloudFront (`AWS_CLOUDFRONT`)
* AWS Cloudtrail (`AWS_CLOUDTRAIL`)
* AWS CloudWatch (`AWS_CLOUDWATCH`)
* AWS Config (`AWS_CONFIG`)
* AWS GuardDuty (`GUARDDUTY`)
* AWS Security Hub (`AWS_SECURITY_HUB`)
* AWS Session Manager (`AWS_SESSION_MANAGER`)
* AWS VPC Flow (`AWS_VPC_FLOW`)
* Azure AD (`AZURE_AD`)
* Azure AD Directory Audit (`AZURE_AD_AUDIT`)
* Azure AD Organizational Context (`AZURE_AD_CONTEXT`)
* Azure Firewall (`AZURE_FIREWALL`)
* Azure Storage Audit (`AZURE_STORAGE_AUDIT`)
* Barracuda Firewall (`BARRACUDA_FIREWALL`)
* BeyondTrust (`BOMGAR`)
* BeyondTrust BeyondInsight (`BEYONDTRUST_BEYONDINSIGHT`)
* BeyondTrust Secure Remote Access (`BEYONDTRUST_REMOTE_ACCESS`)
* Bindplane Agent (`BINDPLANE_AGENT`)
* Bitdefender (`BITDEFENDER`)
* Blue Coat Proxy (`BLUECOAT_WEBPROXY`)
* Cambium Networks (`CAMBIUM_NETWORKS`)
* Carbon Black (`CB_EDR`)
* Carbon Black App Control (`CB_APP_CONTROL`)
* Cequence Bot Defense (`CEQUENCE_BOT_DEFENSE`)
* Check Point (`CHECKPOINT_FIREWALL`)
* Check Point Sandblast (`CHECKPOINT_EDR`)
* Chrome Management (`CHROME_MANAGEMENT`)
* CipherTrust Manager (`CIPHERTRUST_MANAGER`)
* Cisco AMP (`CISCO_AMP`)
* Cisco ASA (`CISCO_ASA_FIREWALL`)
* Cisco Email Security (`CISCO_EMAIL_SECURITY`)
* Cisco Firepower NGFW (`CISCO_FIREPOWER_FIREWALL`)
* Cisco Firewall Services Module (`CISCO_FWSM`)
* Cisco Internetwork Operating System (`CISCO_IOS`)
* Cisco IronPort (`CISCO_IRONPORT`)
* Cisco ISE (`CISCO_ISE`)
* Cisco Meraki (`CISCO_MERAKI`)
* Cisco Router (`CISCO_ROUTER`)
* Cisco Secure Access (`CISCO_SECURE_ACCESS`)
* Cisco Stealthwatch (`CISCO_STEALTHWATCH`)
* Cisco Switch (`CISCO_SWITCH`)
* Cisco UCM (`CISCO_UCM`)
* Cisco Umbrella Audit (`CISCO_UMBRELLA_AUDIT`)
* Cisco Umbrella Cloud Firewall (`UMBRELLA_FIREWALL`)
* Cisco Umbrella DNS (`UMBRELLA_DNS`)
* Cisco Umbrella IP (`UMBRELLA_IP`)
* Cisco Umbrella SWG DLP (`CISCO_UMBRELLA_SWG_DLP`)
* Cisco Umbrella Web Proxy (`UMBRELLA_WEBPROXY`)
* Cisco WSA (`CISCO_WSA`)
* Citrix Netscaler (`CITRIX_NETSCALER`)
* Claroty Continuous Threat Detection (`CLAROTY_CTD`)
* Claroty Xdome (`CLAROTY_XDOME`)
* Cloudflare (`CLOUDFLARE`)
* Cloudflare Network Analytics (`CLOUDFLARE_NETWORK_ANALYTICS`)
* Cloudflare WAF (`CLOUDFLARE_WAF`)
* Cloudflare Warp (`CLOUDFLARE_WARP`)
* Code42 Incydr (`CODE42_INCYDR`)
* Corelight (`CORELIGHT`)
* CoSoSys Protector (`ENDPOINT_PROTECTOR_DLP`)
* CrowdStrike Alerts API (`CS_ALERTS`)
* CrowdStrike Falcon (`CS_EDR`)
* CrowdStrike Falcon Stream (`CS_STREAM`)
* Cyber 2.0 IDS (`CYBER_2_IDS`)
* CyberArk Endpoint Privilege Manager (EPM) (`CYBERARK_EPM`)
* Cyberark Privilege Cloud (`CYBERARK_PRIVILEGE_CLOUD`)
* CyberArk Privileged Access Manager (PAM) (`CYBERARK_PAM`)
* Cybereason EDR (`CYBEREASON_EDR`)
* Cynet 360 AutoXDR (`CYNET_360_AUTOXDR`)
* Cyolo Secure Remote Access for OT (`CYOLO_OT`)
* Darktrace (`DARKTRACE`)
* Delinea Secret Server (`DELINEA_SECRET_SERVER`)
* Digital Guardian DLP (`DIGITALGUARDIAN_DLP`)
* Digital Guardian EDR (`DIGITALGUARDIAN_EDR`)
* DigitalArts i-Filter (`DIGITALARTS_IFILTER`)
* Dummy LogType (`DUMMY_LOGTYPE`)
* EfficientIP DDI (`EFFICIENTIP_DDI`)
* ESET AV (`ESET_AV`)
* ESET Threat Intelligence (`ESET_IOC`)
* Extreme Networks Switch (`EXTREME_SWITCH`)
* F5 Advanced Firewall Management (`F5_AFM`)
* F5 ASM (`F5_ASM`)
* F5 BIGIP Access Policy Manager (`F5_BIGIP_APM`)
* F5 Silverline (`F5_SILVERLINE`)
* FireEye ETP (`FIREEYE_ETP`)
* Fluentd Logs (`FLUENTD`)
* Forcepoint NGFW (`FORCEPOINT_FIREWALL`)
* Forcepoint DLP (`FORCEPOINT_DLP`)
* Forcepoint Proxy (`FORCEPOINT_WEBPROXY`)
* Forescout NAC (`FORESCOUT_NAC`)
* FortiGate (`FORTINET_FIREWALL`)
* Fortinet FortiAnalyzer (`FORTINET_FORTIANALYZER`)
* Fortinet FortiEDR (`FORTINET_FORTIEDR`)
* GCP Abuse Events Logs (`GCP_ABUSE_EVENTS`)
* GitHub (`GITHUB`)
* GMV Checker ATM Security (`GMV_CHECKER`)
* Google Cloud Apigee (`GCP_APIGEE`)
* Google Cloud Audit (`GCP_CLOUDAUDIT`)
* Google Cloud Security Center Threat (`GCP_SECURITYCENTER_THREAT`)
* Google Threat Intelligence IOC (`GTI_IOC`)
* GTB Technologies DLP (`GTB_DLP`)
* H3C Comware Platform Switch (`H3C_SWITCH`)
* Halcyon Anti Ransomware (`HALCYON`)
* HP Aruba (ClearPass) (`CLEARPASS`)
* HP Linux (`HP_LINUX`)
* HP Procurve Switch (`HP_PROCURVE`)
* IBM AS/400 (`IBM_AS400`)
* IBM Security Verify Access (`IBM_SVA`)
* IBM WebSEAL (`IBM_WEBSEAL`)
* IBM Websphere Application Server (`IBM_WEBSPHERE_APP_SERVER`)
* IBM z/OS (`IBM_ZOS`)
* Imperva (`IMPERVA_WAF`)
* Imperva DRA (`IMPERVA_DRA`)
* Imperva SecureSphere Management (`IMPERVA_SECURESPHERE`)
* Infoblox (`INFOBLOX`)
* Infoblox DHCP (`INFOBLOX_DHCP`)
* Infoblox DNS (`INFOBLOX_DNS`)
* ION Spectrum (`ION_SPECTRUM`)
* Ionix (`IONIX`)
* Ipswitch MOVEit Transfer (`IPSWITCH_MOVEIT_TRANSFER`)
* Island Browser logs (`ISLAND_BROWSER`)
* JAMF Pro (`JAMF_PRO`)
* Jamf Protect Telemetry V2 (`JAMF_TELEMETRY_V2`)
* JFrog Artifactory (`JFROG_ARTIFACTORY`)
* Journald (`JOURNALD`)
* JumpCloud Directory Insights (`JUMPCLOUD_DIRECTORY_INSIGHTS`)
* Juniper (`JUNIPER_FIREWALL`)
* Juniper Junos (`JUNIPER_JUNOS`)
* Kaspersky AV (`KASPERSKY_AV`)
* Kaspersky Endpoint (`KASPERSKY_ENDPOINT`)
* Keycloak (`KEYCLOAK`)
* Kiteworks (`KITEWORKS`)
* Kubernetes Node (`KUBERNETES_NODE`)
* Linux Auditing System (AuditD) (`AUDITD`)
* Linux Sysmon (`LINUX_SYSMON`)
* McAfee ePolicy Orchestrator (`MCAFEE_EPO`)
* Microsoft AD FS (`ADFS`)
* Microsoft Azure NSG Flow (`AZURE_NSG_FLOW`)
* Microsoft Defender for Endpoint (`MICROSOFT_DEFENDER_ENDPOINT`)
* Microsoft Defender for Office 365 (`MICROSOFT_DEFENDER_MAIL`)
* Microsoft Exchange (`EXCHANGE_MAIL`)
* Microsoft Graph API Alerts (`MICROSOFT_GRAPH_ALERT`)
* Microsoft IIS (`IIS`)
* Microsoft Intune (`AZURE_MDM_INTUNE`)
* Microsoft PowerShell (`POWERSHELL`)
* Microsoft Sentinel (`MICROSOFT_SENTINEL`)
* Microsoft SQL Server (`MICROSOFT_SQL`)
* Mikrotik Router (`MIKROTIK_ROUTER`)
* Mimecast Mail V2 (`MIMECAST_MAIL_V2`)
* MISP Threat Intelligence (`MISP_IOC`)
* Mobileiron (`MOBILEIRON`)
* NetApp ONTAP (`NETAPP_ONTAP`)
* Netscout (`ARBOR_EDGE_DEFENSE`)
* Netskope CASB (`NETSKOPE_CASB`)
* Netskope V2 (`NETSKOPE_ALERT_V2`)
* Netskope Web Proxy (`NETSKOPE_WEBPROXY`)
* Nexus Sonatype (`NEXUS_SONATYPE`)
* Nozomi Networks Scada Guardian (`NOZOMI_GUARDIAN`)
* Obsidian (`OBSIDIAN`)
* Office 365 (`OFFICE_365`)
* Okta (`OKTA`)
* Open Cybersecurity Schema Framework (OCSF) (`OCSF`)
* Open LDAP (`OPENLDAP`)
* Opnsense (`OPNSENSE`)
* Opswat Metadefender (`OPSWAT_METADEFENDER`)
* Oracle (`ORACLE_DB`)
* Oracle Cloud Infrastructure Audit Logs (`OCI_AUDIT`)
* Oracle Cloud Infrastructure VCN Flow Logs (`OCI_FLOW`)
* Orca Cloud Security Platform (`ORCA`)
* Palo Alto Cortex XDR Alerts (`CORTEX_XDR`)
* Palo Alto Cortex XDR Events (`PAN_CORTEX_XDR_EVENTS`)
* Palo Alto Networks Firewall (`PAN_FIREWALL`)
* Palo Alto Panorama (`PAN_PANORAMA`)
* Palo Alto Prisma Cloud Alert payload (`PAN_PRISMA_CA`)
* Passwordstate (`PASSWORDSTATE`)
* Ping Federate (`PING_FEDERATE`)
* Ping Identity (`PING`)
* Ping One (`PING_ONE`)
* PingIdentity Directory Server Logs (`PING_DIRECTORY`)
* PostFix Mail (`POSTFIX_MAIL`)
* PostgreSQL (`POSTGRESQL`)
* Proofpoint Observeit (`OBSERVEIT`)
* Proofpoint On Demand (`PROOFPOINT_ON_DEMAND`)
* Proofpoint Tap Alerts (`PROOFPOINT_MAIL`)
* Proofpoint Threat Response (`PROOFPOINT_TRAP`)
* Radware Web Application Firewall (`RADWARE_FIREWALL`)
* RSA (`RSA_AUTH_MANAGER`)
* Ruckus Networks (`RUCKUS_WIRELESS`)
* SailPoint IAM (`SAILPOINT_IAM`)
* Salesforce (`SALESFORCE`)
* Sangfor Next Generation Firewall (`SANGFOR_NGAF`)
* Security Command Center Chokepoint (`GCP_SECURITYCENTER_CHOKEPOINT`)
* Security Command Center Posture Violation (`GCP_SECURITYCENTER_POSTURE_VIOLATION`)
* Security Command Center Toxic Combination (`GCP_SECURITYCENTER_TOXIC_COMBINATION`)
* Semperis DSP (`SEMPERIS_DSP`)
* Sentinelone Activity (`SENTINELONE_ACTIVITY`)
* SentinelOne Deep Visibility (`SENTINEL_DV`)
* ServiceNow Audit (`SERVICENOW_AUDIT`)
* Solaris system (`SOLARIS_SYSTEM`)
* SonicWall (`SONIC_FIREWALL`)
* Squid Web Proxy (`SQUID_WEBPROXY`)
* STIX Threat Intelligence (`STIX`)
* Swift Alliance Messaging Hub (`SWIFT_AMH`)
* Symantec Endpoint Protection (`SEP`)
* Tanium Audit (`TANIUM_AUDIT`)
* Tanium Integrity Monitor (`TANIUM_INTEGRITY_MONITOR`)
* Tanium Threat Response (`TANIUM_THREAT_RESPONSE`)
* Teleport Access Plane (`TELEPORT_ACCESS_PLANE`)
* Tenable Active Directory Security (`TENABLE_ADS`)
* Tenable OT (`TENABLE_OT`)
* tenable.io (`TENABLE_IO`)
* Thales Luna Hardware Security Module (`THALES_LUNA_HSM`)
* Thales MFA (`THALES_MFA`)
* Trellix HX Event Streamer (`TRELLIX_HX_ES`)
* Trend Micro (`TIPPING_POINT`)
* Trend Micro Apex one (`TRENDMICRO_APEX_ONE`)
* Trend Micro Vision One (`TRENDMICRO_VISION_ONE`)
* Trend Micro Vision One Audit (`TRENDMICRO_VISION_ONE_AUDIT`)
* Trend Micro Vision One Detections (`TRENDMICRO_VISION_ONE_DETECTIONS`)
* Trend Micro Vision One Observerd Attack Techniques (`TRENDMICRO_VISION_ONE_OBSERVERD_ATTACK_TECHNIQUES`)
* TXOne Stellar (`TRENDMICRO_STELLAR`)
* Ubika Waf (`UBIKA_WAF`)
* Unix system (`NIX_SYSTEM`)
* Upstream Vehicle SOC Alerts (`UPSTREAM_VSOC_ALERTS`)
* Varonis (`VARONIS`)
* Vectra Stream (`VECTRA_STREAM`)
* Venafi ZTPKI (`VENAFI_ZTPKI`)
* Veritas NetBackup (`VERITAS_NETBACKUP`)
* Versa Firewall (`VERSA_FIREWALL`)
* Vmware Avinetworks iWAF (`VMWARE_AVINETWORKS_IWAF`)
* VMware ESXi (`VMWARE_ESX`)
* VMware NSX (`VMWARE_NSX`)
* VMware vCenter (`VMWARE_VCENTER`)
* WatchGuard (`WATCHGUARD`)
* Windows DNS (`WINDOWS_DNS`)
* Windows Event (`WINEVTLOG`)
* Windows Event (XML) (`WINEVTLOG_XML`)
* Windows Sysmon (`WINDOWS_SYSMON`)
* wiz.io (`WIZ_IO`)
* Workday User Activity (`WORKDAY_USER_ACTIVITY`)
* Workspace Activities (`WORKSPACE_ACTIVITY`)
* Workspace Alerts (`WORKSPACE_ALERTS`)
* Workspace Users (`WORKSPACE_USERS`)
* Zendesk CRM (`ZENDESK_CRM`)
* Zoom Operation Logs (`ZOOM_OPERATION_LOGS`)
* Zscaler (`ZSCALER_WEBPROXY`)
* ZScaler NGFW (`ZSCALER_FIREWALL`)
* Zscaler Private Access (`ZSCALER_ZPA`)
* Zscaler Secure Private Access Audit Logs (`ZSCALER_ZPA_AUDIT`)

The following log types were added without a default parser. Each is listed by product name and `log_type` value, where applicable.

* Absolute Secure Endpoint (`ABSOLUTE_SECURE_ENDPOINT`)
* Airbus Security Logging (ACD AISD) (`AIRBUS_SECURITY_LOG`)
* Azure Recovery Services Vaults (`AZURE_RECOVERY_SERVICES_VAULTS`)
* Boeing Onboard Network System Logging (`BOEING_ONS`)
* Cisco Firepower Threat Defense (`CISCO_FIREPOWER_THREAT_DEFENSE`)
* Cisco Security Cloud Control (`CISCO_SECURITY_CLOUD_CONTROL`)
* Pico Corvilnet Engine (`CORVILNET_ENGINE`)
* CrowdStrike Falcon Shield (`CROWDSTRIKE_FALCON_SHIELD`)
* Easy NAC (`EASY_NAC`)
* FairXchange Horizon (`FAIRXCHANGE_HORIZON`)
* Google Threat Intelligence (`GCP_THREATINTEL`)
* HPE Alletra (`HPE_ALLETRA`)
* Huawei Cloud Trace Service Audit (`HUAWEI_CTS_AUDIT`)
* Huawei SecMaster (`HUAWEI_SECMASTER`)
* IBM ILO (`IBM_ILO`)
* Infisical (`INFISICAL`)
* JSCAPE SFTP (`JSCAPE_SFTP`)
* Juniper Edge (`JUNIPER_EDGE`)
* Kaspersky for Microsoft Office 365 (`KASPERSKY_O365_EVENTS`)
* Microsoft Defender for Cloud Apps (`MICROSOFT_DEFENDER_CLOUD_APPS`)
* Oracle Cloud Infrastructure Network Firewall (`OCI_FIREWALL`)
* Okta Workflows (`OKTA_WORKFLOWS`)
* Phosphorus (`PHOSPHORUS`)
* Rapid7 Cloud Security (`RAPID7_CLOUDSEC`)
* Research and Education Networks Information Sharing and Analysis Center (`REN_ISAC`)
* Risk Resecurity (`RISK_RESECURITY`)
* Sangfor Network Detection and Response (`SANGFOR_NDR`)
* SAP Enterprise Threat Detection (`SAP_ETD`)
* SAP IAS Context (`SAP_IAS_CONTEXT`)
* Sectigo SCM (`SECTIGO_SCM`)
* ServiceNow Node (`SERVICENOW_NODE`)
* ServiceNow Outbound HTTP (`SERVICENOW_OUTBOUNDHTTP`)
* ServiceNow System log (`SERVICENOW_SYSLOG`)
* ServiceNow Transaction (`SERVICENOW_TRANSACTION`)
* Seti S4 (`SETI_S4`)
* ThousandEyes (`THOUSAND_EYES`)
* Transmit Security Mosaic CIAM (`TRANSMIT_MOSAIC_CIAM`)
* Transmit Security Mosaic Fraud Prevention (`TRANSMIT_MOSAIC_FRAUD_PREVENTION`)
* Transmit Security Mosaic Identity Verification (`TRANSMIT_MOSAIC_IDENTITY_VERIFICATION`)
* Transmit Security Mosaic Management (`TRANSMIT_MOSAIC_MANAGEMENT`)
* Tripwire Security Configuration Management (`TRIPWIRE_SCM`)
* Valimail (`VALIMAIL`)
* WSO2 IS AM (`WSO2_IS_AM`)
* XDR.Net Digital Twin (`XDRNET_DIGITALTWIN`)
* Zimbra Mail (`ZIMBRA_MAIL`)
* Zscaler Email DLP (`ZSCALER_EMAIL_DLP`)