Custom Parsers Schemas

The following are supported schemas that can be used with Custom Parsers in Secureworks® Taegis™ XDR.

• Agent Detection Schema
• Antivirus Schema
• APIcall Schema
• Auth Schema
• CloudAudit Schema
• DHCP Schema
• DNS Schema
• Email Schema
• Encrypt Schema
• Filemod Schema
• HTTP Schema
• Management Event Schema
• Netflow Schema
• NIDS Schema
• Process Schema
• Process Module Schema
• Registry Schema
• Script Block Schema
• Taegis Endpoint Agent Schema
• Thirdparty Schema
• Types Schema
• Windows RPC Schema

Note

Schema docs show the fields available for normalization. For a schema field to be populated in XDR, its corresponding field defined in the parser must exist in the original data. Normalized data shows in the Normalized Data tab of events and is searchable in XDR only if the corresponding field exists in the original data. The Schema Library in Advanced Search shows only searchable fields.