Google SecOps has updated the list of supported default parsers


## Change

Google SecOps has updated the list of supported default parsers. Parsers are updated gradually, so it might take one to four days before you see the changes reflected in your region. For more information, see [Supported log types and default parsers](https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers).

The following supported default parsers have been updated. Each parser is listed by product name and `log_type` value, where applicable. This list includes both released default parsers and pending parser updates.

* Acalvio (`ACALVIO`)
* AIX system (`AIX_SYSTEM`)
* Akamai WAF (`AKAMAI_WAF`)
* Apache (`APACHE`)
* Apache Cassandra (`CASSANDRA`)
* Apache Hadoop (`HADOOP`)
* Arcsight CEF (`ARCSIGHT_CEF`)
* Aruba EdgeConnect SD-WAN (`ARUBA_EDGECONNECT_SDWAN`)
* Attivo Networks (`ATTIVO`)
* AWS Aurora (`AWS_AURORA`)
* AWS Cloudtrail (`AWS_CLOUDTRAIL`)
* AWS CloudWatch (`AWS_CLOUDWATCH`)
* AWS GuardDuty (`GUARDDUTY`)
* AWS Network Firewall (`AWS_NETWORK_FIREWALL`)
* AWS Security Hub (`AWS_SECURITY_HUB`)
* AWS WAF (`AWS_WAF`)
* Azure AD (`AZURE_AD`)
* Azure AD Directory Audit (`AZURE_AD_AUDIT`)
* Azure AD Sign-In (`AZURE_AD_SIGNIN`)
* Azure Firewall (`AZURE_FIREWALL`)
* Azure Front Door (`AZURE_FRONT_DOOR`)
* Barracuda Email (`BARRACUDA_EMAIL`)
* Barracuda Firewall (`BARRACUDA_FIREWALL`)
* Blue Coat Proxy (`BLUECOAT_WEBPROXY`)
* Check Point (`CHECKPOINT_FIREWALL`)
* Check Point Harmony (`CHECKPOINT_HARMONY`)
* Cisco Application Centric Infrastructure (`CISCO_ACI`)
* Cisco ASA (`CISCO_ASA_FIREWALL`)
* Cisco Firepower NGFW (`CISCO_FIREPOWER_FIREWALL`)
* Cisco Internetwork Operating System (`CISCO_IOS`)
* Cisco ISE (`CISCO_ISE`)
* Cisco Router (`CISCO_ROUTER`)
* Cisco Secure Access (`CISCO_SECURE_ACCESS`)
* Cisco Switch (`CISCO_SWITCH`)
* Cisco TACACS+ (`CISCO_TACACS`)
* Cisco UCM (`CISCO_UCM`)
* Cisco Umbrella Audit (`CISCO_UMBRELLA_AUDIT`)
* Citrix Netscaler (`CITRIX_NETSCALER`)
* Claroty Continuous Threat Detection (`CLAROTY_CTD`)
* Claroty Enterprise Management Console (`CLAROTY_EMC`)
* Claroty Xdome (`CLAROTY_XDOME`)
* Cloud SQL (`GCP_CLOUDSQL`)
* Cloudflare (`CLOUDFLARE`)
* Cloudflare Audit (`CLOUDFLARE_AUDIT`)
* Cloudflare WAF (`CLOUDFLARE_WAF`)
* Cloudflare Warp (`CLOUDFLARE_WARP`)
* Corelight (`CORELIGHT`)
* CrowdStrike Alerts API (`CS_ALERTS`)
* CrowdStrike Detection Monitoring (`CS_DETECTS`)
* CrowdStrike Falcon (`CS_EDR`)
* CrowdStrike Falcon Stream (`CS_STREAM`)
* CyberArk (`CYBERARK`)
* CyberArk Endpoint Privilege Manager (EPM) (`CYBERARK_EPM`)
* CyberArk Privileged Access Manager (PAM) (`CYBERARK_PAM`)
* Dell EMC Data Domain (`DELL_EMC_DATA_DOMAIN`)
* Dell Switch (`DELL_SWITCH`)
* Duo Auth (`DUO_AUTH`)
* F5 ASM (`F5_ASM`)
* F5 BIGIP LTM (`F5_BIGIP_LTM`)
* F5 Distributed Cloud Services (`F5_DCS`)
* F5 DNS (`F5_DNS`)
* FireEye NX (`FIREEYE_NX`)
* Forcepoint NGFW (`FORCEPOINT_FIREWALL`)
* Forcepoint Proxy (`FORCEPOINT_WEBPROXY`)
* FortiGate (`FORTINET_FIREWALL`)
* Fortinet FortiAnalyzer (`FORTINET_FORTIANALYZER`)
* Google Cloud (`GCP_SECURITYCENTER_THREAT`)
* Google Cloud (`GCP_MONITORING_ALERTS`)
* Google Threat Intelligence IOC (`GTI_IOC`)
* GreyNoise (`GREYNOISE`)
* Halcyon Anti Ransomware (`HALCYON`)
* HP Aruba (ClearPass) (`CLEARPASS`)
* Huawei Switches (`HUAWEI_SWITCH`)
* Infoblox DNS (`INFOBLOX_DNS`)
* Island Browser logs (`ISLAND_BROWSER`)
* Kubernetes Node (`KUBERNETES_NODE`)
* Linux Auditing System (AuditD) (`AUDITD`)
* Linux Sysmon (`LINUX_SYSMON`)
* ManageEngine ADAudit Plus (`ADAUDIT_PLUS`)
* Maria Database (`MARIA_DB`)
* McAfee IPS (`MCAFEE_IPS`)
* McAfee Web Gateway (`MCAFEE_WEBPROXY`)
* Microsoft Azure Activity (`AZURE_ACTIVITY`)
* Microsoft Defender For Cloud (`MICROSOFT_DEFENDER_CLOUD_ALERTS`)
* Microsoft Graph API Alerts (`MICROSOFT_GRAPH_ALERT`)
* Microsoft IIS (`IIS`)
* Microsoft SQL Server (`MICROSOFT_SQL`)
* MISP Threat Intelligence (`MISP_IOC`)
* Mobileiron (`MOBILEIRON`)
* MySQL (`MYSQL`)
* NetApp ONTAP (`NETAPP_ONTAP`)
* Netskope V2 (`NETSKOPE_ALERT_V2`)
* NGINX (`NGINX`)
* Nozomi Networks Scada Guardian (`NOZOMI_GUARDIAN`)
* Office 365 (`OFFICE_365`)
* Open Cybersecurity Schema Framework (OCSF) (`OCSF`)
* Orca Cloud Security Platform (`ORCA`)
* Palo Alto Networks Firewall (`PAN_FIREWALL`)
* Palo Alto Panorama (`PAN_PANORAMA`)
* Palo Alto Prisma Cloud Alert payload (`PAN_PRISMA_CA`)
* Ping One (`PING_ONE`)
* PingIdentity Directory Server Logs (`PING_DIRECTORY`)
* PostFix Mail (`POSTFIX_MAIL`)
* PostgreSQL (`POSTGRESQL`)
* Proofpoint On Demand (`PROOFPOINT_ON_DEMAND`)
* Proofpoint Tap Alerts (`PROOFPOINT_MAIL`)
* Proofpoint Threat Response (`PROOFPOINT_TRAP`)
* Radware Web Application Firewall (`RADWARE_FIREWALL`)
* Red Hat OpenShift (`REDHAT_OPENSHIFT`)
* Rubrik Security Cloud (`RUBRIK_SECURITY_CLOUD`)
* SailPoint IdentityIQ (`SAILPOINT_IIQ`)
* Salesforce (`SALESFORCE`)
* SAP Change Document (`SAP_CHANGE_DOCUMENT`)
* SAP Gateway (`SAP_GATEWAY`)
* SAP HANA (`SAP_HANA`)
* SAP Hana Audit (`SAP_HANA_AUDIT`)
* SAP Identity and Authentication Data (`SAP_IDENTITY_AND_AUTH_DATA`)
* SAP Internet Communication Manager (`SAP_ICM`)
* SAP Security Audit (`SAP_SECURITY_AUDIT`)
* SAP Webdispatcher (`SAP_WEBDISP`)
* Security Command Center Posture Violation (`GCP_SECURITYCENTER_POSTURE_VIOLATION`)
* Security Command Center Toxic Combination (`GCP_SECURITYCENTER_TOXIC_COMBINATION`)
* Sophos Central (`SOPHOS_CENTRAL`)
* STIX Threat Intelligence (`STIX`)
* Stormshield Firewall (`STORMSHIELD_FIREWALL`)
* Suricata EVE (`SURICATA_EVE`)
* Symantec Endpoint Protection (`SEP`)
* Sysdig (`SYSDIG`)
* Tableau (`TABLEAU`)
* Teleport Access Plane (`TELEPORT_ACCESS_PLANE`)
* Trend Micro (`TIPPING_POINT`)
* Tripwire (`TRIPWIRE_FIM`)
* TXOne Stellar (`TRENDMICRO_STELLAR`)
* Ubika Waf (`UBIKA_WAF`)
* Unix system (`NIX_SYSTEM`)
* Velo Firewall (`VELO_FIREWALL`)
* Veritas NetBackup (`VERITAS_NETBACKUP`)
* Versa Firewall (`VERSA_FIREWALL`)
* Vmware Avinetworks iWAF (`VMWARE_AVINETWORKS_IWAF`)
* VMware ESXi (`VMWARE_ESX`)
* VMware vCenter (`VMWARE_VCENTER`)
* WatchGuard (`WATCHGUARD`)
* Windows DNS (`WINDOWS_DNS`)
* Windows Event (`WINEVTLOG`)
* Windows Event (XML) (`WINEVTLOG_XML`)
* wiz.io (`WIZ_IO`)
* Workday Audit Logs (`WORKDAY_AUDIT`)
* Zscaler (`ZSCALER_WEBPROXY`)
* ZScaler VPN (`ZSCALER_VPN`)

The following log types were added without a default parser. Each parser is listed by product name and `log_type` value, where applicable.

* Alibaba Security Center (`ALIBABA_SECURITY_CENTER`)
* Apache Airflow (`APACHE_AIRFLOW`)
* Baramundi (`BARAMUNDI`)
* Bravura Security (`BRAVURA`)
* Buildkite Audit (`BUILDKITE_AUDIT`)
* Palo Alto Cortex Xpanse (`CORTEX_XPANSE`)
* Cyfirma DeCYFIR ServiceNow (`CYFIRMA_DECYFIR`)
* DATEV (`DATEV`)
* ELO (`ELO`)
* Forcepoint Secure Web Gateway (`FORCEPOINT_SWG`)
* JumpServer PAM (`JUMPSERVER_PAM`)
* Keep Aware (`KEEP_AWARE`)
* Lark Suite (`LARK_SUITE`)
* Macmon (`MACMON`)
* Mamori Database Activity Monitoring (`MAMORI_DAM`)
* N8N Security Audit Logs (`N8N_SECURITY_AUDIT_LOGS`)
* Oracle Cloud Infrastructure LoadBalancer (`OCI_LOADBALANCER`)
* OpenText Self Service Password Reset (`OPENTEXT_SSPR`)
* Rackspace (`RACKSPACE`)
* Secui Bluemax NGF (`SECUI_BLUEMAX_NGF`)
* Symantec Advanced Threat Protection (`SYMANTEC_ATP`)
* Tenable Vulnerabilities Management (`TENABLE_VMGNT`)
* Trellix EDRF Trace Data and Telemetry (`TRELLIX_EDRF`)
* Trend Micro Vision One Endpoint Vulnerabilities (`TRENDMICRO_VISION_ONE_ENDPOINT_VULNERABILITIES`)
* Zafran (`ZAFRAN`)