.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Manage Parser Mappings Manage Parser Mappings
The Manage Parser Mappings dialog allows you to map the appropriate parsers for selected Event Source addresses. From the Details view, select the Map button.
Workflow
This workflow shows the overall process for configuring event sources.
What do you want to do?
*You can perform this task here.
Related Topics
Viewing Logs from Pre-11.0 Log Decoder
Quick Look
Note: For event sources that were created manually, the Manage Parser Mappings window has an empty Display Name in the Log Parsers column. To view the missing display names, close the Manage Parser Mappings dialog box, and then reopen it.
Best PracticesBest Practices
When mapping multiple device types from the same event source, assign the highest priority to the strictest log parser. Conversely, a log parser with generic headers should be lowest in priority. The CEF log parser is an example of a strict log parser.
Advanced ConfigurationAdvanced Configuration
Mapping configurations with the Log Collector are not displayed in the Parser Mappings window. If the mapping is saved, it is saved for the corresponding IP address, not for the corresponding Log Collector entry. If no mappings are found for the corresponding IP address, the discovered event source types are displayed in the Parser Mappings window.
If advanced Log Decoder configurations are discovered, a message similar to the one below displays in the Manage Parser Mappings dialog.
Note: If you want to edit the advanced configuration, you need to navigate to the Log Decoder service's parser mappings configuration.
