Parsers and Generated Fields
Tag Fields Created by Parser microsoft-windows-dhcp-server
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser microsoft-windows-dhcp-server
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.DnsRegError | error.code | |
| Vendor.Error_Code | error.code | |
| Vendor.ID | event.id |
Tag Fields Created by Parser windows-dhcp-server-csv
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser windows-dhcp-server-csv
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.DnsRegError | error.code | IPv4 DNS registration error code |
| Vendor.Error_Code | error.code | IPv6 error code |
| Vendor.ID | event.id | Event identifier |
| Vendor.Host_Name | host.hostname | Host name |
| Vendor.Host_Name | source.address | Hostname in lowercase |
| Vendor.IP_Address | source.ip | Source IP address for IPv4 logs |
| Vendor.IPv6_Address | source.ip | Source IP address for IPv6 logs |
| Vendor.Mac_Address | source.mac | MAC address formatted with dashes |
| Vendor.UserClass_Ascii | user.name | Alternative username field when User_Name is not available |
| Vendor.User_Name | user.name | Username when available |