We are using a 3rd-party solution for that. Take a look at SkyFormation. AFAIK they support any SIEM and also remove the need to parse and classify the events.