Parsers and Generated Fields
Tag Fields Created by Parser windows-dns
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser windows-dns
| Source Field | LogScale Repository Field |
|---|---|
| Vendor.ResponseCode | code |
| Vendor.PacketID | dns.id |
| Vendor.QuestionName | dns.question.name |
| Vendor.QuestionType | dns.question.type |
| Vendor.PacketID | event.id |
| Vendor.RemoteIP | source.ip |