Parsers and Generated Fields
Tag Fields Created by Parser netgate-pfsense
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser netgate-pfsense
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.dst_ip | destination.ip | |
| Vendor.dst_port | destination.port | |
| Vendor.action | event.action | |
| Vendor.reason | event.reason | |
| Vendor.rule_number | rule.id | |
| Vendor.src_ip | source.ip | |
| Vendor.src_port | source.port |
Tag Fields Created by Parser pfsense-syslog
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser pfsense-syslog
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.dst_ip | destination.ip | |
| Vendor.dst_port | destination.port | |
| Vendor.action | event.action | |
| Vendor.reason | event.reason | |
| Vendor.logtype | log.syslog.appname | |
| Vendor.syslog.priority | log.syslog.priority | |
| Vendor.pid | log.syslog.procid | |
| Vendor.rule_number | rule.id | |
| Vendor.src_ip | source.ip | |
| Vendor.src_port | source.port |