Parsers and Generated Fields
Tag Fields Created by Parser infoblox-nios
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser infoblox-nios
| Vendor Field | CPS Field | Description |
|---|---|---|
| `dns.resolved_ip[]` | Array | message |
| `event.category[]` | Array | Vendor.service_name, event.action |
| `event.type[]` | Array | Vendor.service_name, event.action |
| `host.ip[]` | Array | host.domain |
| `client.domain` | Extracted | message |
| `client.ip` | Extracted | message |
| `client.mac` | Extracted | message |
| `client.port` | Extracted | message |
| `dns.question.class` | Extracted | message |
| `dns.question.name` | Extracted | message |
| `dns.question.response_code` | Extracted | message |
| `dns.question.type` | Extracted | message |
| `event.action` | Extracted | message |
| `host.domain` | Extracted | @rawstring |
| `interface.name` | Extracted | message |
| `log.syslog.priority` | Extracted | @rawstring |
| `log.syslog.timestamp` | Extracted | @rawstring |
| `message` | Extracted | @rawstring |
| `network.transport` | Extracted | message |
| `process.id` | Extracted | @rawstring |
| `server.ip` | Extracted | message |
| `user.name` | Extracted | userName |
| `@timestamp` | Parsed | log.syslog.timestamp |
| `dns.answers[].class` | Parsed | message |
| `dns.answers[].data` | Parsed | message |
| `dns.answers[].name` | Parsed | message |
| `dns.answers[].ttl` | Parsed | message |
| `dns.answers[].type` | Parsed | message |
| `ecs.version` | Static | None |
| `event.dataset` | Static | Vendor.service_name |
| `event.kind` | Static | None |
| `event.module` | Static | None |
| `event.outcome` | Static | event.action |