Processors
📄️ Append
Appends values to fields
📄️ Attachment
Extracts content and metadata
📄️ Bytes
Expresses values in bytes
📄️ CEF
Parses CEF messages
📄️ Circle
Converts circles to polygons
📄️ Community ID
Computes a community ID hash
📄️ Compact
Removes empty fields from documents
📄️ Contains
Checks the presence of a value
📄️ Convert
Converts values between types
📄️ CSV
Parses CSV data
📄️ Date
Parses dates from date fields
📄️ Date Index Name
Generates time-based index names
📄️ Decrypt
Removes AES encryption from a field
📄️ Dissect
Parses data using pre-defined patterns
📄️ Dot Expander
Expands dot notation field names
📄️ Dot Nester
Flattens nested objects into dot notation fields
📄️ Drop
Conditionally stops processing a document
📄️ Encrypt
Encrypts field values using AES encryption
📄️ Enrich
Enriches documents using lookup tables and SQL queries
📄️ Fail
Raises failures when conditions are met
📄️ Final
Terminates a pipeline
📄️ Fingerprint
Generates hashes to sign documents
📄️ Foreach
Applies processors to arrays
📄️ Geo Grid
Converts geo-grid definitions to shapes
📄️ GeoIP
Adds geographic information
📄️ Grok
Extracts fields with patterns
📄️ Gsub
Regular expression-based replacement
📄️ HTML Strip
Removes HTML tags
📄️ Join
Combines array elements
📄️ JSON
Parses JSON data
📄️ KV
Extracts key-value pairs
📄️ LEEF
Parses LEEF messages
📄️ Lowercase
Converts strings to lowercase
📄️ Move
Changes field locations
📄️ Network Direction
Determines network traffic direction
📄️ Normalize
Converts field names between formats
📄️ Pipeline
Executes another pipeline
📄️ Redact
Masks sensitive data
📄️ Registered Domain
Extracts domain components
📄️ Remove
Removes fields
📄️ Rename
Renames fields
📄️ Reroute
Directs documents to specific destinations
📄️ Script
Executes scripts
📄️ Set
Sets the value of a field
📄️ Sort
Sorts values in a field
📄️ Split
Splits a string on a separator
📄️ Syslog
Parses syslog messages
📄️ Trim
Removes spaces from the head and tail
📄️ Uppercase
Converts strings to uppercase
📄️ URI Parts
Parses URI strings into fields
📄️ URL Decode
Decodes URL-encoded strings
📄️ User Agent
Parses agent strings