Skip to main content
Skip table of contents

Sequence Editor

When parsing a log message, Axon sometimes breaks up data in ways that are not useful. In these instances, the Sequence Editor allows the user to give Axon guidance on how to parse a section of the message. You can also use it to parse entire log messages containing data in unstructured or uncommon formats. 

The Sequence Editor requires advanced knowledge of how to parse log messages. You need to understand how a log message is structured. Specifically, you need to know what parts are literal/static values and what parts are variables. When parsing a message from a known third-party device, it is important to have access to the vendor documentation on how its log messages are formatted. You can use the vendor documentation to compare with your log message as you step through the Sequence Editor to parse each part of the log.

Add a Sequence to Your Log Message

  1. In the Message Interpreter panel, click the three-dot menu in the row where you want to make changes, and then click Add Sequence.
    The Sequence Editor dialog box appears with the log message displayed at the top. The dialog box contains the following components:

    • Log message: Axon highlights each part of the log as you step through the parsing. 
    • Back button: Click to go back to the previous part of the log.
    • Next button: Click to advance to the next part of the log.
    • Select a Processor: Axon displays suggested processors at the top of the list. Other available processors are below the suggested processors.

    As you step through the Sequence Editor, ensure you are parsing fields with values you want to extract to create rules for your policy.

  2. Select a processor for the highlighted part of the log.
    The selected processor name appears on the right side with the part of the log it will process below it.
  3. Click Next.
    The next part of the log is highlighted. 

  4. Continue to step through the entire log, selecting a processor and clicking Next.

    You can change what is included in the actively highlighted part by clicking and dragging the right side of the highlighted box.

  5. When you are done parsing the log, click Submit
    The Message Interpreter appears with the new parsing format.
  6. Now you can select values for your identification rules and map values to the Axon Data Schema fields for your normalization rules.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close