Parsers and Generated Fields
Tag Fields Created by Parser fortimail
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser fortimail
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.log.dst | destination.ip |
| Vendor.log.direction | email.direction |
| Vendor.log.subject | email.subject |
| Vendor.log.msg.subject | email.subject[0] |
| Vendor.log.action | event.action |
| Vendor.log.pri | log.level |
| Vendor.log.mailer | mailer |
| Vendor.log.msg | message |
| Vendor.log.client | source.ip |
| Vendor.log.src | source.ip |
| Vendor.log.ui.ip | source.ip |
| Vendor.log.client | source.user.name |
| Vendor.log.msg.user | source.user.name |
| Vendor.log.msg.user | user.name |
| Vendor.log.user | user.name |