Skip to content

Refactor parser sync to use correct SIEM paths and add auto-sync#68

Merged
natesmalley merged 1 commit intonatesmalley:mainfrom
jmorascalyr:randomization
Feb 18, 2026
Merged

Refactor parser sync to use correct SIEM paths and add auto-sync#68
natesmalley merged 1 commit intonatesmalley:mainfrom
jmorascalyr:randomization

Conversation

@jmorascalyr
Copy link
Collaborator

@jmorascalyr jmorascalyr commented Feb 18, 2026

  • Add randomization service
  • Changed parser paths from /parsers/ to /logParsers/ with .json extension to match SIEM config tree structure
  • Added LOCAL_PARSER_ALIASES mapping to handle marketplace parser names that don't match local directory names (e.g., marketplace-paloaltonetworksfirewall-latest -> paloalto_firewall-latest)
  • Updated Palo Alto firewall sourcetype mapping from paloalto_logs-latest to paloalto_firewall-latest
  • Ref

@jmorascalyr
feat: Refactor parser sync to use correct SIEM paths and add auto-syn…
0819c31 
…c support

- Changed parser paths from `/parsers/` to `/logParsers/` with `.json` extension to match SIEM config tree structure
- Added `LOCAL_PARSER_ALIASES` mapping to handle marketplace parser names that don't match local directory names (e.g., marketplace-paloaltonetworksfirewall-latest -> paloalto_firewall-latest)
- Updated Palo Alto firewall sourcetype mapping from `paloalto_logs-latest` to `paloalto_firewall-latest`
- Ref
@natesmalley natesmalley merged commit f0cd020 into natesmalley:main Feb 18, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jmorascalyr @natesmalley