Parsers and Generated Fields

Tag Fields Created by Parser cisco-ise

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser cisco-ise
Source FieldCPS Field
host.ip[0];client.ip
Vendor.AdminIPAddressclient.ip
Vendor.DestinationPortclient.port
Vendor.Detailevent.reason
Vendor.FailureReasonevent.reason
Vendor.DestinationIPAddresshost.ip[0]
Vendor.IpAddresshost.ip[0]
Vendor.EPMacAddresshost.mac[0]
Vendor.EndPointMACAddresshost.mac[0]
log.syslog.hostnameobserver.name
Vendor.IpAddresssource.ip
Tag Fields Created by Parser cisco-ise-syslog

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser cisco-ise-syslog
Source FieldCPS Field
Vendor.AdminIPAddress;client.ip
host.ip;client.ip
Vendor.DestinationPortclient.port
Vendor.Detail;event.reason
Vendor.FailureReason;event.reason
Vendor.DestinationIPAddress;host.ip
Vendor.IpAddress;host.ip
Vendor.EPMacAddresshost.mac
Vendor.EndPointMACAddresshost.mac
log.syslog.hostnameobserver.name
Vendor.IpAddresssource.ip