Parsers and Generated Fields
Tag Fields Created by Parser dell-isilon
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser dell-isilon
| Vendor Field | CPS Field | Description |
|---|---|---|
| client.ip | client.address | Client address from IP |
| Vendor.clientIPAddr | client.ip | Client IP address |
| Vendor.operation | event.action | Operation type (converted to lowercase) |
| Vendor.ntStatus | event.outcome | Maps "SUCCESS" to "success", "FAILD*" or "ERROR" to "failure" |
| Vendor.inode | file.inode | File inode number |
| Vendor.filename | file.path | File path |
| Vendor.syslog.app | log.syslog.appname | Syslog application name |
| Vendor.syslog.host | log.syslog.hostname | Syslog hostname |
| Vendor.syslog.priority | log.syslog.priority | Syslog priority |
| Vendor.syslog.pid | log.syslog.procid | Syslog process ID |
| Vendor.protocol | network.protocol | Protocol name (converted to lowercase) |
| Vendor.userSID | user.id | User SID |
| Vendor.username | user.name | Username |