Parsers and Generated Fields
Tag Fields Created by Parser aws-fsx
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser aws-fsx
| Source Field | CPS Field |
|---|---|
| Vendor.Event.EventData.IpAddress | client.ip |
| Vendor.Event.EventData.IpPort | client.port |
| Vendor.Event.System.EventID | event.id |
| Vendor.Event.EventData.ObjectName | file.path |
| Vendor.Event.EventData.ObjectType | file.type |
| Vendor.Event.System.Execution._ProcessID | process.pid |
| Vendor.Event.System.Execution._ThreadID | process.thread.id |
| Vendor.Event.EventData.SubjectUserSid | user.id |
| Vendor.Event.EventData.SubjectUserName | user.name |
Tag Fields Created by Parser fsx-xml
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser fsx-xml
| Source Field | CPS Field |
|---|---|
| Vendor.Event.EventData.IpAddress | client.ip |
| Vendor.Event.EventData.IpPort | client.port |
| Vendor.Event.System.EventID | event.id |
| Vendor.Event.EventData.ObjectName | file.path |
| Vendor.Event.EventData.ObjectType | file.type |
| Vendor.Event.System.Execution._ProcessID | process.pid |
| Vendor.Event.System.Execution._ThreadID | process.thread.id |
| Vendor.Event.EventData.SubjectUserSid | user.id |
| Vendor.Event.EventData.SubjectUserName | user.name |