Parsers and Generated Fields

Tag Fields Created by Parser okta-sso

  • #Cps.version

  • #Vendor

  • #ecs.version

  • #event.dataset

  • #event.kind

  • #event.module

  • #event.outcome

  • #observer.type

Fields Identified by Parser okta-sso
Source FieldLogScale Repository Field
Vendor.client.userAgent.rawUserAgentagent.original
Vendor.securityContext.asOrgclient.as.organization.name
Vendor.client.geographicalContext.geolocation.latclient.geo.location.lat
Vendor.client.geographicalContext.geolocation.lonclient.geo.location.lon
Vendor.client.ipAddressclient.ip
Vendor.actor.idclient.user.id
Vendor.actor.alternateIdclient.user.name
Vendor.eventTypeevent.action
Vendor.uuidevent.id
Vendor.outcome.reasonevent.reason
Vendor.displayMessagemessage
Vendor.User.displayNamename
Vendor.actor.displayNamename
Vendor.actor.idname
Vendor.client.geographicalContext.cityname
Vendor.client.geographicalContext.countryname
Vendor.client.geographicalContext.statename
Vendor.client.ipAddresssource.as
Vendor.client.ipAddresssource.geo
Vendor.client.ipAddresssource.ip
Vendor.actor.idsource.user.id
Vendor.actor.alternateIdsource.user.name
Vendor.actor.alternateIduser.name
Vendor.User.loginuser.target.email
Vendor.UserGroup.iduser.target.group.id
Vendor.UserGroup.displayNameuser.target.group.name
Vendor.User.iduser.target.id
Vendor.User.alternateIduser.target.name