Parsers and Generated Fields
Tag Fields Created by Parser fortimail
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser fortimail
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.log.dst_ip | destination.ip | |
| Vendor.log.direction | email.direction | |
| Vendor.log.subject | email.subject | |
| Vendor.log.msg.subject | email.subject[0] | |
| Vendor.log.mailer | email.x_mailer | |
| Vendor.log.action | event.action | |
| Vendor.log.action; | event.action | |
| Vendor.log.pri | log.level | |
| Vendor.log.msg | message | |
| Vendor.log.client_ip | source.ip | |
| Vendor.log.src | source.ip | |
| Vendor.log.ui.ip | source.ip | |
| Vendor.log.client_name | source.user.name | |
| Vendor.log.msg.user | source.user.name | |
| Vendor.log.msg.user | user.name | |
| Vendor.log.user | user.name |
Tag Fields Created by Parser fortinet-fortimail
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser fortinet-fortimail
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.log.dst_ip | destination.ip | |
| Vendor.log.direction | email.direction | |
| Vendor.log.msg.subject | email.subject | |
| Vendor.log.subject | email.subject | |
| Vendor.log.mailer | email.x_mailer | |
| Vendor.log.action | event.action | |
| Vendor.log.pri | log.level | |
| Vendor.log.msg | message | |
| Vendor.log.src | source.ip | |
| Vendor.log.client_ip | source.ip | |
| Vendor.log.ui.ip | source.ip | |
| Vendor.log.client_name | source.user.name | |
| Vendor.log.msg.user | source.user.name | |
| Vendor.log.msg.user | user.name | |
| Vendor.log.user | user.name |