Pyvorin for SIEM Pipelines

Log normalisation, correlation, and alert generation.

Published May 30, 2026

Log Normalisation

Parse heterogeneous log formats into a common schema with compiled parsers.

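def normalise_log(raw, parsers):
    # Try the parsers in order; the first whose matches() accepts the line wins.
    for parser in parsers:
        if parser.matches(raw):
            return parser.parse(raw)
    # No parser matched: return the unparsed line under "_raw".
    return {"_raw": raw}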

Correlation

Time-windowed event correlation and sequence detection.

Alert Generation

Threshold-based and anomaly-driven alert firing logic.
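
The following is an added example, not Pyvorin's own code or API: a time-windowed sequence rule with a threshold, run over already-normalised events. The field names (ts, src_ip, user, outcome), the rule name, the default window and threshold, and the sample events are assumptions made for illustration.

```python
from collections import defaultdict, deque

def correlate_logins(events, window=60, threshold=3):
    """Sequence rule: at least `threshold` failures from one source inside
    `window` seconds, then a success from that source.
    Returns (alerts, skipped); skipped counts events without the schema fields,
    such as the {"_raw": ...} fall-through from normalisation."""
    required = ("ts", "src_ip", "outcome")
    usable = [e for e in events if all(k in e for k in required)]
    skipped = len(events) - len(usable)
    failures = defaultdict(deque)  # src_ip -> timestamps of recent failures
    alerts = []
    # Sources deliver out of order, so sort by event time before windowing.
    for ev in sorted(usable, key=lambda e: e["ts"]):
        recent = failures[ev["src_ip"]]
        # Expire failures that have left the sliding window.
        while recent and ev["ts"] - recent[0] > window:
            recent.popleft()
        if ev["outcome"] == "failure":
            recent.append(ev["ts"])
        elif ev["outcome"] == "success":
            if len(recent) >= threshold:
                alerts.append({"rule": "failures_then_success",
                               "src_ip": ev["src_ip"], "user": ev.get("user"),
                               "failures": len(recent), "ts": ev["ts"]})
            recent.clear()  # a success ends the sequence either way
    return alerts, skipped

# Constructed sample events (epoch seconds, documentation-range addresses).
SAMPLE_EVENTS = [
    {"ts": 100, "src_ip": "203.0.113.7", "user": "alice", "outcome": "failure"},
    {"ts": 130, "src_ip": "203.0.113.7", "user": "alice", "outcome": "success"},
    {"ts": 110, "src_ip": "203.0.113.7", "user": "alice", "outcome": "failure"},
    {"ts": 120, "src_ip": "203.0.113.7", "user": "alice", "outcome": "failure"},
    {"ts": 100, "src_ip": "198.51.100.9", "user": "bob", "outcome": "failure"},
    {"ts": 300, "src_ip": "198.51.100.9", "user": "bob", "outcome": "failure"},
    {"ts": 310, "src_ip": "198.51.100.9", "user": "bob", "outcome": "failure"},
    {"ts": 320, "src_ip": "198.51.100.9", "user": "bob", "outcome": "success"},
    {"_raw": "unparsed line"},
]

if __name__ == "__main__":
    alerts, skipped = correlate_logins(SAMPLE_EVENTS)
    print(alerts, "skipped:", skipped)
```

The skipped count is worth exporting as a metric, since a rising number of unparsed events means the rule is seeing less of the traffic than it appears to.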