Parsers and Generated Fields | Integrations | LogScale Documentation

Skip to content

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Training API GraphQL API Contacting Support

Parsers and Generated Fields

Tag Fields Created by Parser fortimail

#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type

Fields Identified by Parser fortimail

Source Field	CPS Field
Vendor.log.dst_ip	destination.ip
Vendor.log.direction	email.direction
Vendor.log.subject	email.subject
Vendor.log.msg.subject	email.subject[0]
Vendor.log.mailer	email.x_mailer
Vendor.log.action	event.action
Vendor.log.action;	event.action
Vendor.log.pri	log.level
Vendor.log.msg	message
Vendor.log.client_ip	source.ip
Vendor.log.src	source.ip
Vendor.log.ui.ip	source.ip
Vendor.log.client_name	source.user.name
Vendor.log.msg.user	source.user.name
Vendor.log.msg.user	user.name
Vendor.log.user	user.name

Tag Fields Created by Parser fortinet-fortimail

#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type

Fields Identified by Parser fortinet-fortimail

Source Field	CPS Field
Vendor.log.dst_ip	destination.ip
Vendor.log.direction	email.direction
Vendor.log.msg.subject	email.subject
Vendor.log.subject	email.subject
Vendor.log.mailer	email.x_mailer
Vendor.log.action	event.action
Vendor.log.pri	log.level
Vendor.log.msg	message
Vendor.log.src	source.ip
Vendor.log.client_ip	source.ip
Vendor.log.ui.ip	source.ip
Vendor.log.client_name	source.user.name
Vendor.log.msg.user	source.user.name
Vendor.log.msg.user	user.name
Vendor.log.user	user.name

Enter search term