Parsers and Generated Fields

Tag Fields Created by Parser akamai-asec

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser akamai-asec
Vendor FieldCPS FieldDescription
`client.address`Copiedsource.address (indirect)
`client.ip`Copiedsource.ip (indirect)
`event.id`CopiedVendor.httpMessage.requestId
`http.request.id`CopiedVendor.httpMessage.requestId
`http.request.method`CopiedVendor.httpMessage.method
`http.response.bytes`CopiedVendor.httpMessage.bytes
`http.response.status_code`CopiedVendor.httpMessage.status
`source.address`CopiedVendor.attackData.clientIP
`source.geo.city_name`CopiedVendor.geo.city
`source.geo.country_iso_code`CopiedVendor.geo.country
`source.ip`Copiedsource.address (indirect)
`url.domain`CopiedVendor.httpMessage.host
`url.path`CopiedVendor.httpMessage.path
`url.port`CopiedVendor.httpMessage.port
`url.query`CopiedVendor.httpMessage.query
`http.version`ExtractedVendor.httpMessage.protocol
`network.protocol`ExtractedVendor.httpMessage.protocol
`tls.version_protocol`ExtractedVendor.httpMessage.tls
`tls.version`ExtractedVendor.httpMessage.tls
`source.geo.region_iso_code`Formattedsource.geo.country_iso_code, Vendor.geo.regionCode
`@timestamp`ParsedVendor.httpMessage.start
`ecs.version`StaticNone
`event.category[]`StaticNone
`event.kind`StaticNone
`event.module`StaticNone
`event.type[]`StaticNone
source.addressclient.address 
source.ipclient.ip 
Vendor.httpMessage.requestIdevent.id 
Vendor.httpMessage.requestIdhttp.request.id 
Vendor.httpMessage.methodhttp.request.method 
Vendor.httpMessage.byteshttp.response.bytes 
Vendor.httpMessage.statushttp.response.status_code 
Vendor.attackData.clientIPsource.address 
Vendor.geo.citysource.geo.city_name 
Vendor.geo.countrysource.geo.country_iso_code 
source.addresssource.ip 
Vendor.httpMessage.pathurl.path 
Vendor.httpMessage.porturl.port 
Vendor.httpMessage.queryurl.query