Parsers and Generated Fields | Integrations | LogScale Documentation

Skip to content

LogScale Documentation Full Library Knowledge Base Release Notes Integrations Training API GraphQL API Contacting Support

Parsers and Generated Fields

Tag Fields Created by Parser tausight-json

#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type

Fields Identified by Parser tausight-json

Source Field	LogScale Repository Field
Vendor.clipboardActivity.destProcessInfo.userName	destination.user.name
Vendor.deviceAttached.usbDevice.deviceId	device.id
Vendor.deviceAttached.usbDevice.manufacturer	device.manufacturer
Vendor.fileCopied.destinationFileInfo.fileExtension	file.extension
Vendor.fileDeleted.fileInfo.fileExtension	file.extension
Vendor.fileInspected.fileInfo.fileExtension	file.extension
Vendor.fileIoActivity.fileOpened.fileExtension	file.extension
Vendor.fileCopied.destinationFileInfo.groupName	file.group
Vendor.fileDeleted.fileInfo.groupName	file.group
Vendor.fileInspected.fileInfo.groupName	file.group
Vendor.fileCopied.sourceFileInfo.fileExtension	file.old.extension
Vendor.fileCopied.sourceFileInfo.groupName	file.old.group
Vendor.fileCopied.sourceFileInfo.ownerName	file.old.owner
Vendor.fileCopied.sourceFilename	file.old.path
Vendor.fileCopied.destinationFileInfo.ownerName	file.owner
Vendor.fileDeleted.fileInfo.ownerName	file.owner
Vendor.fileInspected.fileInfo.ownerName	file.owner
Vendor.fileCopied.destinationFilename	file.path
Vendor.fileDeleted.filename	file.path
Vendor.fileInspected.filename	file.path
Vendor.fileIoActivity.fileOpened.filename	file.path
Vendor.fileInspected.fileInfo.fileSize	file.size
Vendor.clipboardActivity.srcProcessInfo.processName	process.executable
Vendor.fileIoActivity.fileOpened.processInfo.processId	process.id
Vendor.fileIoActivity.fileOpened.processInfo.processName	process.name
Vendor.clipboardActivity.srcProcessInfo.processId	process.pid
Vendor.clipboardActivity.srcProcessInfo.userName	source.user.name

Enter search term