Parsers and Generated Fields
Tag Fields Created by Parser aws-cloudtrail
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser aws-cloudtrail
| Source Field | CPS Field |
|---|---|
| Vendor.digestS3Bucket; | cloud.Storage.bucket_name |
| Vendor.requestParameters.bucketName; | cloud.Storage.bucket_name |
| Vendor.awsAccountId; | cloud.account.id |
| Vendor.recipientAccountId; | cloud.account.id |
| Vendor.userIdentity.accountId; | cloud.account.id |
| Vendor.awsRegion | cloud.region |
| Vendor.errorCode | error.code |
| Vendor.errorMessage | error.message |
| Vendor.eventName | event.action |
| Vendor.eventID | event.id |
| Vendor.eventSource | event.provider |
| Vendor.errorMessage; | event.reason |
| Vendor.digestS3Object | file.path |
| Vendor.sourceIPAddress | source.ip |
| source.address; | source.ip |
| Vendor.userIdentity.principalId | user.id |
| Vendor.requestParameters.roleArn; | user.roles[0] |
| Vendor.userIdentity.sessionContext.sessionIssuer.arn; | user.roles[0] |
| Vendor.userAgent | user_agent.original |