Edit-FalconNgsParser

SYNOPSIS

Modify Falcon NGSIEM parsers

DESCRIPTION

Requires 'NGSIEM Parsers: Write'.

PARAMETERS

Name	Type	Description	Allowed	PipelineByName
Id	String	Parser identifier		X
Repository	String	Repository name	`parsers-repository`	X
Script	String	Parser script to transform input into events		X
TestCase	Object[]	An example event and output		X
FieldToRemoveParsing	String[]			X
FieldToTag	String[]	Event fields to tag during parsing		X

SYNTAX

Edit-FalconNgsParser [-Id] <String> [-Repository] <String> [-Script] <String> [-TestCase] <Object[]> [[-FieldToRemoveParsing] <String[]>] [[-FieldToTag] <String[]>] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

PATCH /ngsiem-content/entities/parsers/v1

falconpy

UpdateParser

USAGE

2025-09-02: PSFalcon v2.2.9

Edit FalconNgsParser - CrowdStrike/psfalcon GitHub Wiki

Edit-FalconNgsParser

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

⚠️ GitHub.com Fallback ⚠️

Edit FalconNgsParser - CrowdStrike/psfalcon GitHub Wiki

Edit-FalconNgsParser

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

⚠️ **GitHub.com Fallback** ⚠️

⚠️ GitHub.com Fallback ⚠️