Skip to main content
Version: 1.4.0

Overview

The Content Hub provides a centralized repository of professionally-developed pipeline templates designed to accelerate DataStream deployment and standardize data processing workflows. These templates contain pre-built parsing, transformation, and enrichment logic for popular security devices, network equipment, and enterprise applications.

Template Library

Professional Template Development

All templates in the Content Hub are developed and maintained by VirtualMetric's engineering team:

Quality Assurance:

  • Rigorous testing across multiple device firmware versions
  • Validation against real-world log samples and edge cases
  • Performance optimization for high-volume data processing
  • Regular updates to support new device features and log formats

Industry Standards Compliance:

  • Support for multiple security schemas (ASIM, OCSF, ECS, CIM, UDM)
  • Consistent field mapping and normalization across vendors
  • Integration with popular SIEM and analytics platforms
  • Compliance with regulatory and audit requirements

Comprehensive Coverage:

  • Support for major security vendors (Palo Alto, Cisco, Fortinet, Check Point)
  • Network infrastructure devices (switches, routers, load balancers)
  • Cloud platform integrations (Azure, AWS, Google Cloud)
  • Enterprise applications and databases

Template Categories

Security Device Templates:

  • Firewall logs with advanced threat detection parsing
  • Intrusion detection and prevention system events
  • Endpoint protection and antivirus solutions
  • Network access control and authentication systems

Infrastructure Templates:

  • Network device logs and SNMP data processing
  • Server operating system event collection
  • Application performance and error log analysis
  • Database audit and transaction log processing

Cloud Platform Templates:

  • Cloud service activity and audit log processing
  • Container and orchestration platform monitoring
  • Serverless function execution and error tracking
  • Cloud security and compliance event analysis

Interface Navigation

Content Discovery

Search and Filtering: The Content Hub interface provides multiple ways to discover relevant templates:

Search Functionality:

  • Global search field for template name and description matching
  • Real-time search results with highlighting of matching terms
  • Search history and suggested queries for common use cases

Filter Categories:

  • Device Type (single-select): Filter by device category (firewall, router, server, etc.)
  • Target (multi-select): Filter by supported destination platforms (Sentinel, Splunk, etc.)
  • Device Vendor (multi-select): Filter by manufacturer (Cisco, Palo Alto, Microsoft, etc.)

Filter Behavior:

  • Visual feedback with highlighting and count indicators for filter selections
  • Dynamic count updates showing template matches for each filter option
  • Clear filter removal options with visual selection states

Template Cards

Information Display: Each template card provides essential information for evaluation:

Template Overview:

  • Template name and version information
  • Supported device types and vendor compatibility
  • Target platform integration capabilities
  • Installation status indicator (Available/Installed)

Visual Indicators:

  • Color-coded status badges for installation state
  • Icon representations for device types and target platforms
  • Template complexity indicators (Simple/Advanced/Enterprise)
  • Last update timestamps and version history

Template Details

Comprehensive Template Information: Clicking on any template card opens detailed documentation across three specialized views:

General Overview Tab

Template Metadata:

  • Complete template description and use case documentation
  • Supported device models and firmware versions
  • Prerequisites and dependency requirements
  • Installation and configuration guidance

Technical Specifications:

  • Supported log formats and parsing capabilities
  • Output schema and field mapping documentation
  • Performance characteristics and resource requirements
  • Integration compatibility matrix

Processor Documentation:

  • Complete list of processing components used in template
  • Individual processor documentation with configuration examples
  • Links to detailed processor reference documentation
  • Best practice recommendations for customization

Pipeline Overview Tab

Pipeline Architecture:

  • Visual representation of data processing flow
  • Parent and child pipeline relationships
  • Processing stage documentation and dependencies

Read-Only Pipeline View:

  • Complete YAML configuration display
  • Syntax highlighting and structure visualization
  • Processing logic explanation and comments
  • Child pipeline navigation and cross-references

Log Transformation Overview Tab

Sample Data Processing:

  • Real-world log samples showing input data format
  • Step-by-step transformation process demonstration
  • Final output format with field mapping examples

Before and After Comparison:

  • Raw log data in original format
  • Processed output showing normalized fields
  • Schema compliance validation results
  • Performance metrics and processing statistics

Template Installation Process

Installation Workflow

Template Evaluation: Before installation, users can thoroughly evaluate templates:

Preview Capabilities:

  • Complete pipeline logic review without installation
  • Sample data transformation testing
  • Dependency analysis and compatibility checking
  • Resource requirement estimation

Installation Preparation:

  • Automatic dependency resolution and validation
  • Conflict detection with existing pipeline configurations
  • Backup and rollback planning for production environments

Dependency Management

Dependency Types: Templates may include various types of dependencies:

Required Dependencies:

  • Essential processing components that cannot be excluded
  • Core libraries and shared processing modules
  • Schema definitions and validation rules
  • Automatic inclusion in all installations

Optional Dependencies:

  • Enhanced processing features and advanced transformations
  • Integration modules for specific target platforms
  • Performance optimization components
  • User-selectable during installation process

Dependency Resolution:

  • Automatic detection and resolution of prerequisite components
  • Version compatibility checking and conflict resolution
  • Installation order optimization for complex dependency chains

Post-Installation Management

Template Integration

Pipeline Integration: Once installed, templates become fully integrated into the DataStream platform:

Customization Capabilities:

  • Full editing access to installed pipeline configurations
  • Custom field mapping and transformation rule modification
  • Integration with existing processing workflows
  • Child pipeline creation and management

Status Tracking:

  • Installation status indicators throughout Content Hub interface
  • Version tracking and update notification system
  • Usage statistics and performance monitoring
  • Change history and configuration audit trails

Template Maintenance

Update Management:

  • Notification system for template updates and new versions
  • Controlled update process with rollback capabilities
  • Compatibility testing for existing customizations
  • Migration assistance for breaking changes

Configuration Management:

  • Version control for customized template configurations
  • Backup and restore capabilities for pipeline modifications
  • Change approval workflows for production environments
  • Documentation generation for custom modifications

Best Practices

Template Selection

Evaluation Criteria:

  • Device compatibility and log format support
  • Target platform integration requirements
  • Performance and scalability characteristics
  • Maintenance and update lifecycle

Implementation Planning:

  • Staging environment testing and validation
  • Production deployment scheduling and rollback planning
  • Team training and documentation requirements
  • Long-term maintenance and customization strategies

Customization Guidelines

Modification Approach:

  • Start with template defaults and incrementally customize
  • Document all modifications for maintenance and updates
  • Test customizations thoroughly before production deployment
  • Maintain compatibility with template update processes

The Content Hub accelerates DataStream deployment by providing professionally-developed, tested, and maintained pipeline templates that can be quickly installed and customized for specific organizational requirements.