Parsers and Generated Fields
Tag Fields Created by Parser island
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser island
| Source Field | CPS Field |
|---|---|
| Vendor.action | event.action |
| Vendor.message.type | event.action |
| Vendor.message.sourceIp | source.ip |
| Vendor.message.publicIp | source.nat.ip |
| url.host | url.domain |
| Vendor.message.topLevelUrl | url.original |
| Vendor.message.email | user.email |
| Vendor.message.userId | user.id |
| Vendor.message.userName | user.name |
| Vendor.message.entityId | user.target.id |
| Vendor.message.entityName | user.target.name |
Tag Fields Created by Parser island-enterprisebrowser
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser island-enterprisebrowser
| Source Field | CPS Field |
|---|---|
| Vendor.action | event.action |
| Vendor.message.type | event.action |
| Vendor.message.sourceIp | source.ip |
| Vendor.message.publicIp | source.nat.ip |
| url.host | url.domain |
| Vendor.message.topLevelUrl | url.original |
| Vendor.message.email | user.email |
| Vendor.message.userId | user.id |
| Vendor.message.userName | user.name |
| Vendor.message.entityId | user.target.id |
| Vendor.message.entityName | user.target.name |