Fabric log field descriptions
Normalized Fabric Log Field | Description |
---|---|
app_cat | Application Category |
app_id | Application ID |
app_proc | Application Process |
app_ref | Application Reference |
app_service | Application Service |
app_state | Application State |
app_ver | Application Version |
app_name | Application Name |
data_parsername | Data Parser Name |
data_sourceid | Data Source ID |
data_sourcename | Data Source Name |
data_sourcetype | Data Source Type |
data_sourceversion | Data Source Version |
data_timestamp | Data Timestamp |
dns_query | DNS Query |
dns_querytype | DNS Query Type |
dns_req | DNS Request |
dns_resp | DNS Response |
dns_response | DNS Response |
dst_domain | Destination Domain |
dst_geo | Destination Geo |
dst_intf | Destination Interface |
dst_mac | Destination MAC |
dst_natip | Destination NAT IP |
dst_natport | Destination NAT Port |
event_action | Event Action |
event_outcome | Event Outcome |
event_policy | Event Policy |
event_profile | Event Profile |
event_ref | Event Ref |
event_severity | Event Severity |
event_subtype | Event Sub Type |
event_type | Event Type |
event_message | Event Message |
file_accessetime | File Accessed Time |
file_createtime | File Created Time |
file_ext | File Extension |
file_hash | File Hash |
file_hashtype | File Hash Type |
file_name | File Name |
file_path | File Path |
file_size | File Size |
host_classification | Host Classification |
host_hwvendor | Host Hardware Vendor |
host_hwver | Host Hardware Version |
host_ip | Host IP |
host_location | Host Location |
host_mac | Host MAC |
host_name | Host Name |
host_osfamily | Host OS Family |
host_osname | Host OS Name |
host_osver | Host OS Version |
host_owner | Host Owner |
host_type | Host Type |
host_uid | Host UID |
http_cookie | HTTP Cookie |
http_referer | HTTP Referrer |
http_useragent | HTTP User Agent |
loguid | Data UID |
mail_from | Mail From |
mail_size | Mail Size |
mail_subject | Mail Subject |
mail_to | Mail To |
net_direction | Net Direction |
net_name | Net Name |
net_payloadid | Net Payload ID |
net_proto | Net Protocol |
net_rcvdpkts | Net Received Packets |
net_recvbytes | Net Received Bytes |
net_sentbytes | Net Sent Bytes |
net_sentpkts | Net Sent Packets |
net_sessionduration | Net Session Duration |
net_sessionid | Net Session ID |
net_ssid | Net SSID |
objectid | Object ID |
objectname | Object Name |
obj_name | Object Name |
obj_value | Object Value |
procid | Process ID |
procname | Process Name |
procowner | Process Owner |
servicename | Service Name |
src_domain | Source Domain |
src_geo | Source Geo |
src_intf | Source Interface |
src_mac | Source MAC |
src_natip | Source NAT IP |
src_natport | Source NAT Port |
src_ip | Source IP |
threat_action | Threat Action |
threat_direction | Threat Direction |
threat_hash | Threat Hash |
threat_id | Threat ID |
threat_name | Threat Name |
threat_pattern | Threat Pattern |
threat_ref | Threat Ref |
threat_score | Threat Score |
threat_severity | Threat Severity |
threat_type | Threat Type |
user_authtype | User Authentication Type |
user_classification | User Classification |
user_domain | User Domain |
user_email | User Email |
user_group | User Group |
user_id | User ID |
user_location | User Location |
user_org | User Organization |
user_phone | User Phone |
user_role | User Role |
user_social | User Social |