asim/parser_namimg

oshezaf · oshezaf · commit b85cb76c23bc · 2023-04-17T09:16:49.000+03:00
diff --git a/articles/sentinel/normalization-about-parsers.md b/articles/sentinel/normalization-about-parsers.md
@@ -44,7 +44,7 @@ The following table lists the available unifying parsers:
 
 | Schema | Unifying parser | 
 | ------ | ------------------------- |
-| Audit Event | imAuditEvent |
+| Audit Event | _Im_AuditEvent |
 | Authentication | imAuthentication | 
 | Dns | _Im_Dns |
 | File Event | imFileEvent |
diff --git a/articles/sentinel/normalization-parsers-overview.md b/articles/sentinel/normalization-parsers-overview.md
@@ -33,11 +33,14 @@ Each method has advantages over the other:
 
 It is recommended to use built-in parsers for  schemas for which built-in parsers are available. 
 
-## Parser hierarchy
+## Parser hierarchy and naming
 
 ASIM includes two levels of parsers: **unifying** parser and **source-specific** parsers. The user usually uses the **unifying** parser for the relevant schema, ensuring all data relevant to the schema is queried. The **unifying** parser in turn calls **source-specific** parsers to perform the actual parsing and normalization, which is specific for each source.
 
-The unifying parser name is `_Im_<schema>` for built-in parsers and `im<schema>` for workspace deployed parsers, where `<schema>` stands for the specific schema it serves. sSource-specific parsers can also be used independently. For example, in an Infoblox-specific workbook, use the `vimDnsInfobloxNIOS` source-specific parser. You can find a list of source-specific parsers in the [ASIM parsers list](normalization-parsers-list.md).
+The unifying parser name is `_Im_<schema>` for built-in parsers and `im<schema>` for workspace deployed parsers, where `<schema>` stands for the specific schema it serves. Source-specific parsers can also be used independently. Use `_Im_<schema>_<source>` for built-in parsers and `vim<schema><source>` for workspace deployed parsers. For example, in an Infoblox-specific workbook, use the `_Im_Dns_InfobloxNIOS` source-specific parser. You can find a list of source-specific parsers in the [ASIM parsers list](normalization-parsers-list.md).
+
+>[!TIP]
+> A corresponding set of parsers that use _ASim_<schema> and ASim<Schema> are also available. Theses parsers do not support filtering parameters and are provided to help mitigate the [Time picker set to a custom range](normalization-known-issues.md#time-picker-set-to-a-custom-range) issue. Use those parsers only interactively in the logs screen, but not elsewhere, for example in analytic rules or workbooks. This parsers may not be removed when the issue is resolves.
 
 
 >[!TIP]
