Parsers and Generated Fields
Tag Fields Created by Parser cwaf-cef
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser cwaf-cef
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.requestClientApplication | agent.original |
| Vendor.ccode | code |
| Vendor.cn1 | code |
| Vendor.sip | destination.ip |
| Vendor.spt | destination.port |
| Vendor.act | event.action |
| Vendor.end | event.end |
| Vendor.id | event.id |
| Vendor.severity | event.severity |
| Vendor.start | event.start |
| Vendor.requestMethod | http.request.method |
| Vendor.ref | http.request.referrer |
| Vendor.cicode | name |
| Vendor.in | source.bytes |
| Vendor.latitude | source.geo.location.lat |
| Vendor.longitude | source.geo.location.lon |
| Vendor.src | source.ip |
| Vendor.cpt | source.port |