Parsers and Generated Fields

Tag Fields Created by Parser aws-s3serveraccess

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser aws-s3serveraccess
Vendor FieldCPS FieldDescription
`cloud.target.Resource.id[]`ArrayVendor.bucket
`cloud.target.Resource.type[]`ArrayNone
`event.category[]`ArrayNone
`event.type[]`ArrayNone
`event.outcome`ConditionalVendor.error_code
`client.ip`CopiedVendor.remote_ip
`client.user.id`CopiedVendor.requester
`cloud.Storage.bucket_name`CopiedVendor.bucket
`error.code`CopiedVendor.error_code
`event.action`CopiedVendor.operation
`event.duration`CopiedVendor.total_time
`event.id`CopiedVendor.request_id
`host.id`CopiedVendor.host_id
`http.request.referrer`CopiedVendor.referrer
`http.response.body.bytes`CopiedVendor.bytes_sent
`http.response.status_code`CopiedVendor.http_status
`tls.cipher`CopiedVendor.cipher_suite
`url.original`CopiedVendor.request_uri
`user_agent.original`CopiedVendor.user_agent
`http.request.method`ExtractedVendor.request_uri
`http.version`ExtractedVendor.request_uri
`tls.version_protocol`ExtractedVendor.tls_version
`tls.version`ExtractedVendor.tls_version
`client.address`LowercaseVendor.remote_ip
`@timestamp`ParsedVendor timestamp
`cloud.provider`StaticNone
`ecs.version`StaticNone
`event.kind`StaticNone
`event.module`StaticNone
Vendor.remote_ipclient.ip 
Vendor.requesterclient.user.id 
Vendor.bucketcloud.Storage.bucket_name 
Vendor.operationevent.action 
Vendor.total_timeevent.duration 
Vendor.request_idevent.id 
Vendor.host_idhost.id 
Vendor.referrerhttp.request.referrer 
Vendor.bytes_senthttp.response.body.bytes 
Vendor.http_statushttp.response.status_code 
Vendor.cipher_suitetls.cipher 
Vendor.request_uriurl.original 
Vendor.user_agentuser_agent.original