| rule "Process CEF" | |
| when | |
| true | |
| then | |
| set_fields(parse_cef(to_string($message.message), false)); | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
| rule "Process CEF" | |
| when | |
| true | |
| then | |
| set_fields(parse_cef(to_string($message.message), false)); | |
| end |