Parsers and Generated Fields
Tag Fields Created by Parser cisco-meraki
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser cisco-meraki
| Source Field | CPS Field |
|---|---|
| Vendor.client_ip | client.ip |
| Vendor.client_ip; | client.ip |
| Vendor.client_mac; | client.mac |
| Vendor.dst | destination.ip |
| Vendor.translated_dst_ip | destination.ip |
| Vendor.dst | destination.mac |
| Vendor.dport | destination.port |
| Vendor.dport; | destination.port |
| Vendor.translated_port; | destination.port |
| Vendor.type | event_subtype |
| Vendor.name | file.name |
| Vendor.http_method | http.request.method |
| Vendor.direction | network.direction |
| Vendor.forwarded_ip | network.forwarded_ip |
| Vendor.ssid | network.name |
| Vendor.protocol | network.protocol |
| Vendor.vlan_id; | network.vlan.id |
| Vendor.original_server_ip; | server.ip |
| Vendor.original_server_mac | server.mac |
| Vendor.server_mac | server.mac |
| Vendor.server_mac; | server.mac |
| Vendor.src | source.ip |
| Vendor.translated_src_ip | source.ip |
| Vendor.mac | source.mac |
| Vendor.src | source.mac |
| Vendor.sport | source.port |
| Vendor.sport; | source.port |
| Vendor.translated_port; | source.port |
| Vendor.url | url.original |
| Vendor.username | user.name |
| Vendor.agent | user_agent.original |