Merge pull request #234602 from oshezaf/asim/ref-to-source-by-source-type

prmerger-automator[bot] · web-flow · commit d86d129709ec · 2023-04-16T07:45:58.000Z
Update normalization-manage-parsers.md
diff --git a/articles/sentinel/normalization-manage-parsers.md b/articles/sentinel/normalization-manage-parsers.md
@@ -177,6 +177,8 @@ Some parsers requires you to update the list of sources that are relevant to the
 - Set the `SourceType` field to the parser specific value specified in the parser documentation. 
 - Set the `Source` field to the identifier of the source used in the events. You may need to query the original table, such as Syslog, to determine the correct value.
 
+If you system does not have the `Sources_by_SourceType` watchlist deployed, deploy the watchlist to your Microsoft Sentinel workspace from the Microsoft Sentinel [GitHub](https://aka.ms/DeployASimWatchlists) repository.
+
 ## <a name="next-steps"></a>Next steps
 
 This article discusses managing the Advanced Security Information Model (ASIM) parsers.
