Parsers and Generated Fields
Tag Fields Created by Parser citrix-netscaler-syslog
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-syslog
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.Client | client.ip |
| Vendor.ClientIP | client.ip |
| Vendor.ClientPort | client.port |
| destination.ip | destination.address |
| Vendor.Total | destination.bytes |
| Vendor.Destination | destination.ip |
| Vendor.End | event.end |
| Vendor.endTime | event.end |
| Vendor.Start | event.start |
| Vendor.startTime | event.start |
| source.ip | source.address |
| Vendor.Total | source.bytes |
| Vendor.Source | source.ip |
| Vendor.User | user.name |
Tag Fields Created by Parser citrix-netscaler-waf-cef
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-waf-cef
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.act | event.action |
| Vendor.cn1 | event.id |
| cef.severity | event.severity |
| Vendor.cn2 | http.request.id |
| Vendor.method | http.request.method |
| Vendor.cs1 | rule.name |
| Vendor.src | source.address |
| Vendor.src | source.ip |
| Vendor.spt | source.port |
| Vendor.request | url.original |