Parsers and Generated Fields
Tag Fields Created by Parser citrix-netscaler-syslog
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-syslog
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.ClientPort | client.port | |
| destination.ip | destination.address | |
| Vendor.Total_bytes_recv | destination.bytes | |
| source.ip | source.address | |
| Vendor.Total_bytes_send | source.bytes | |
| Vendor.User | user.name |
Tag Fields Created by Parser citrix-netscaler-waf-cef
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser citrix-netscaler-waf-cef
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.act | event.action | |
| Vendor.cn1 | event.id | |
| cef.severity | event.severity | |
| Vendor.cn2 | http.request.id | |
| Vendor.method | http.request.method | |
| Vendor.cs1 | rule.name | |
| Vendor.src | source.address | |
| Vendor.src | source.ip | |
| Vendor.spt | source.port | |
| Vendor.request | url.original |