BigPanda

When alerts come into BigPanda they go through our data pipeline. Understanding the order of the pipeline can help you effectively enrich alerts.

Normalizer - Alerts get formatted into a BigPanda event

Alert enrichment - The alert gets enriched according to mapping &amp; custom tag logic as defined by the customer. Order of execution by default is determined by when an enrichment was created; however, that order can be adjusted in the UI or via the API.

<a href="https://docs.bigpanda.io/docs/maintenance-plans-v2" target="_blank" rel="nofollow noopener noreferrer">Maintenance</a> - Alerts that match any maintenance query get marked for maintenance.

1. Normalizer - Alerts get formatted into a BigPanda event
2. Alert enrichment - The alert gets enriched according to mapping &amp; custom tag logic as defined by the customer. Order of execution by default is determined by when an enrichment was created; however, that order can be adjusted in the UI or via the API.
3. <a href="https://docs.bigpanda.io/docs/maintenance-plans-v2" target="_blank" rel="nofollow noopener noreferrer">Maintenance</a> - Alerts that match any maintenance query get marked for maintenance.

<a href="https://docs.bigpanda.io/docs/enrichment#mapping" target="_blank" rel="nofollow noopener noreferrer">Enrichment mapping</a> - The alert gets enriched according to mapping uploaded by the user.

<a href="https://docs.bigpanda.io/docs/enrichment#extraction" target="_blank" rel="nofollow noopener noreferrer">Custom tags (Extraction)</a> - Relevant custom extraction tag logic is executed and applied.

<a href="https://docs.bigpanda.io/docs/enrichment#composition" target="_blank" rel="nofollow noopener noreferrer">Custom tags (Composition)</a> - Relevant custom composition tag logic is executed and applied.

1. Normalizer - Alerts get formatted into a BigPanda event
2. <a href="https://docs.bigpanda.io/docs/enrichment#mapping" target="_blank" rel="nofollow noopener noreferrer">Enrichment mapping</a> - The alert gets enriched according to mapping uploaded by the user.
3. <a href="https://docs.bigpanda.io/docs/maintenance-plans-v2" target="_blank" rel="nofollow noopener noreferrer">Maintenance</a> - Alerts that match any maintenance query get marked for maintenance.
4. <a href="https://docs.bigpanda.io/docs/enrichment#extraction" target="_blank" rel="nofollow noopener noreferrer">Custom tags (Extraction)</a> - Relevant custom extraction tag logic is executed and applied.
5. <a href="https://docs.bigpanda.io/docs/enrichment#composition" target="_blank" rel="nofollow noopener noreferrer">Custom tags (Composition)</a> - Relevant custom composition tag logic is executed and applied.

Looking for more information on BigPanda's data pipeline? Check out our Setting up BigPanda course in <a href="https://bigpandau.bigpanda.io/getting-started-videos/638518" target="_blank" rel="nofollow noopener noreferrer">BigPanda University</a>.