Parsers and Generated Fields

Tag Fields Created by Parser citrix-netscaler-syslog
  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser citrix-netscaler-syslog
Vendor Field              CPS Field              Description
Vendor.ClientIP;          client.ip
Vendor.Client_ip;         client.ip
Vendor.ClientPort         client.port
destination.ip            destination.address
Vendor.Total_bytes_recv   destination.bytes
Vendor.Destination;       destination.ip
Vendor.End_time;          event.end
Vendor.endTime;           event.end
Vendor.Start_time;        event.start
Vendor.startTime;         event.start
source.ip                 source.address
Vendor.Total_bytes_send   source.bytes
Vendor.Source;            source.ip
Vendor.User               user.name

Tag Fields Created by Parser citrix-netscaler-waf-cef
  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser citrix-netscaler-waf-cef
Vendor Field      CPS Field              Description
Vendor.act        event.action
Vendor.cn1        event.id
cef.severity      event.severity
Vendor.cn2        http.request.id
Vendor.method     http.request.method
Vendor.cs1        rule.name
Vendor.src        source.address
Vendor.src        source.ip
Vendor.spt        source.port
Vendor.request    url.original