Parsers and Generated Fields

Tag Fields Created by Parser microsoft-windows-dhcp-client

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser microsoft-windows-dhcp-client
Vendor FieldCPS FieldDescription
`network.type`ConditionalVendor.ProviderName
`event.id`CopiedVendor.EventRecordId
`process.pid`CopiedVendor.ProcessID
`user.id`CopiedVendor.UserID
`ecs.version`StaticNone
`event.category[0]`StaticNone
`event.category[1]`StaticNone
`event.dataset`StaticNone
`event.kind`StaticNone
`event.module`StaticNone
`event.type[0]`StaticNone
`network.protocol`StaticNone
Vendor.EventRecordIdevent.id 
Vendor.ProcessIDprocess.pid 
Vendor.UserIDuser.id 
Tag Fields Created by Parser windows-dhcp-client

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser windows-dhcp-client
Vendor FieldCPS FieldDescription
Vendor.EventRecordIdevent.id 
Vendor.ProcessIDprocess.pid 
Vendor.UserIDuser.id