Parsers and Generated Fields
Tag Fields Created by Parser cisco-ise-syslog
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser cisco-ise-syslog
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.AdminIPAddress | client.ip |
| host.ip | client.ip |
| Vendor.DestinationPort | client.port |
| Vendor.Detail | event.reason |
| Vendor.FailureReason | event.reason |
| Vendor.DestinationIPAddress | host.ip |
| Vendor.IpAddress | host.ip |
| Vendor.EPMacAddress | host.mac |
| Vendor.EndPointMACAddress | host.mac |
| log.syslog.hostname | observer.name |
| Vendor.IpAddress | source.ip |