New FalconNgsParser

New-FalconNgsParser

SYNOPSIS

Create a Falcon NGSIEM parser

DESCRIPTION

Requires 'NGSIEM Parsers: Write'.

PARAMETERS

Name	Type	Description	Allowed	PipelineByName
Name	String	Parser name		X
Repository	String	Repository name	`parsers-repository`	X
Script	String	Parser script to transform input into events		X
TestCase	Object[]	An example event and output		X
FieldToRemove	String[]	Event fields to remove before parsing		X
FieldToTag	String[]	Event fields to tag during parsing		X

SYNTAX

New-FalconNgsParser [-Name] <String> [-Repository] <String> [-Script] <String> [-TestCase] <Object[]> [[-FieldToRemove] <String[]>] [[-FieldToTag] <String[]>] [-WhatIf] [-Confirm] [<CommonParameters>]

REFERENCE

Endpoints

POST /ngsiem-content/entities/parsers/v1

falconpy

CreateParser

USAGE

2025-09-02: PSFalcon v2.2.9

Using PSFalcon
Commands by Permission
Other Commands
Examples
- Code Examples
- Samples
CrowdStrike SDKs
- FalconPy - Python 3
- goFalcon - Go
- Rusty Falcon - Rust

New FalconNgsParser

New-FalconNgsParser

SYNOPSIS

DESCRIPTION

PARAMETERS

SYNTAX

REFERENCE

Endpoints

falconpy

USAGE

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!