Add Cynet 360 XDR as a known vendor (CEF syslog)

[morganfw]

Provide the new parser for Cynet 360 XDR out of the box, the syslog format is CEF.

What is the sc4s version?
3.38.0

Is there a pcap available? If so, would you prefer to attach it to this issue or send it to Splunk support?
No

What the vendor name?
Cynet

What's the product name?
Cynet 360 XDR

If you're requesting support for a new vendor, do you have any preferences regarding the default index and sourcetype for their events?
Index epintel
Sourcetype cynet:360:xdr:syslog

Do you have syslog documentation or a manual for that device??
https://help.cynet.com/en/articles/91-sending-syslog-to-3rd-party-siem
https://help.cynet.com/en/articles/144-how-to-send-syslog-to-ibm-security-qradar-siem

Feature Request description:
Provide the new parser for Cynet 360 XDR products out of the box

Do you want to have it for local usage or prepare a github PR?
Github PR

[tegge]

+1

[nikunjj-crest]

Hello @morganfw and @tegge,

We recommend creating custom parsers and contributing them to the SC4S project by following the guidelines outlined here:
Create a parser

Please note that the SC4S team reviews all submissions and may integrate them based on project priorities. However, we’re unable to provide a specific timeline for inclusion.

Thank you for your continued support and contributions.

[nikunjj-crest]

As there has been no updates from reporter side, I am closing this issue for now.
If you need further assistance or have additional details to share, please reopen the issue or contact Splunk Support.