Parsers and Generated Fields | Integrations | LogScale Documentation

Skip to content

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Query Examples Training API GraphQL API Contacting Support

Parsers and Generated Fields

Tag Fields Created by Parser netgate-pfsense

#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type

Fields Identified by Parser netgate-pfsense

Vendor Field	CPS Field	Description
`event.category[]`	Array	None
`event.type[]`	Array	Vendor.action
`event.outcome`	Conditional	Vendor.action
`destination.ip`	Copied	Vendor.dst_ip
`destination.port`	Copied	Vendor.dst_port
`event.action`	Copied	Vendor.action
`event.reason`	Copied	Vendor.reason
`rule.id`	Copied	Vendor.rule_number
`source.ip`	Copied	Vendor.src_ip
`source.port`	Copied	Vendor.src_port
`log.syslog.appname`	Extracted	None
`log.syslog.hostname`	Extracted	None
`log.syslog.priority`	Extracted	None
`log.syslog.procid`	Extracted	None
`@timestamp`	Parsed	None
`ecs.version`	Static	None
`event.dataset`	Static	None
`event.kind`	Static	None
`event.module`	Static	None
`network.transport`	Transformed	Vendor.protocol
Vendor.dst_ip	destination.ip
Vendor.dst_port	destination.port
Vendor.action	event.action
Vendor.reason	event.reason
Vendor.rule_number	rule.id
Vendor.src_ip	source.ip
Vendor.src_port	source.port

Enter search term