Parsers and Generated Fields
Tag Fields Created by Parser citrix-netscaler-syslog
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-syslog
| Source Field | CPS Field |
|---|---|
| Vendor.ClientIP; | client.ip |
| Vendor.Client_ip; | client.ip |
| Vendor.ClientPort | client.port |
| destination.ip | destination.address |
| Vendor.Total_bytes_recv | destination.bytes |
| Vendor.Destination; | destination.ip |
| Vendor.End_time; | event.end |
| Vendor.endTime; | event.end |
| Vendor.Start_time; | event.start |
| Vendor.startTime; | event.start |
| source.ip | source.address |
| Vendor.Total_bytes_send | source.bytes |
| Vendor.Source; | source.ip |
| Vendor.User | user.name |
Tag Fields Created by Parser citrix-netscaler-waf-cef
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-waf-cef
| Source Field | CPS Field |
|---|---|
| Vendor.act | event.action |
| Vendor.cn1 | event.id |
| cef.severity | event.severity |
| Vendor.cn2 | http.request.id |
| Vendor.method | http.request.method |
| Vendor.cs1 | rule.name |
| Vendor.src | source.address |
| Vendor.src | source.ip |
| Vendor.spt | source.port |
| Vendor.request | url.original |