Event Transform

The event transformation action has several modes of operation that either modify the contents of incoming events, or affect behavior of the workflow.

For example, you could:

extract all URLs from an email body (with message only mode and REGEX_EXTRACT)
emit individual events for all IP addresses from a SIEM alert (with explode mode)
ignore processing information already seen recently (with deduplicate mode)

Features

The Event Transformation Action has several modes of operation:

Message only mode
Explode mode
Extract mode
Deduplicate mode
Delay mode
Implode mode
Throttle mode
Automatic mode

Get to know Tines

Meet the product

Features & capabilities

Cases

Workbench

AI in Tines

Build apps

What’s new?

Solutions

By product

Professional services

By team

Tines for

Partners

Blog

Tines Blog →

Discover & Learn

Case studies

Library

University

Tines Explained ^↗

Customer center

Company

About

Careers

Stay in touch

Contact

Slack Community ^↗

Newsroom

Features

Product

Solutions

Resources

Company

Connect

RSS

Meet the product

Cases

Workbench

AI in Tines

Build apps

What’s new?

By product

Professional services

Partners

Tines Blog →

Case studies

Library

University

Tines Explained ↗

Customer center

About

Careers

Contact

Slack Community ↗

Newsroom

Features​

Tines Explained ^↗

Slack Community ^↗

Features