Parsers and Generated Fields | Integrations | LogScale Documentation

Skip to content

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Training API GraphQL API Contacting Support

Parsers and Generated Fields

Tag Fields Created by Parser cisco-umbrella

#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type

Fields Identified by Parser cisco-umbrella

Source Field	LogScale Repository Field
Vendor.user	agent.original
Vendor.aws	cloud.region
Vendor.response	code
Vendor.status	code
Vendor.csv	csvData
Vendor.destination	destination.domain
Vendor.destination	destination.ip
Vendor.destination	destination.port
Vendor.domain	dns.question.name
Vendor.query	dns.question.type
Vendor.certificate	error.message
Vendor.action	event.action
Vendor.id	event.id
Vendor.unique	event.id
Vendor.event	eventType
Vendor.filename	file.name
Vendor.name	file.name
Vendor.owner	file.owner
Vendor.file	file.size
Vendor.request	http.request.bytes
Vendor.request	http.request.method
Vendor.referer	http.request.referrer
Vendor.response	http.response.body.bytes
Vendor.response	http.response.bytes
Vendor.session	id
Vendor.origin	interface.id
Vendor.signature	message
Vendor.application	network.application
Vendor.packet	network.bytes
Vendor.ip	network.transport
Vendor.protocol	network.transport
Vendor.attack	rule.category
Vendor.signature	rule.description
Vendor.firewall	rule.id
Vendor.rule	rule.id
Vendor.signature	rule.id
Vendor.rule	rule.name
Vendor.ruleset	rule.uuid
Vendor.signature	rule.uuid
Vendor.data	source.geo.name
Vendor.source	source.ip
source.address	source.ip
Vendor.external	source.nat.ip
Vendor.source	source.port
Vendor.content	type
Vendor.url	url.original
Vendor.email	user.email
Vendor.user	user.name
Vendor.cves	vulnerability.reference

Enter search term