[ ddi.infoblox.dhcp.dhcpd ] [ dhcp.bluecat.dhcpd ] [ dhcp.infoblox.stdout ] | Anchor |
|---|
| ddi.infoblox.dhcp.dhcpd |
|---|
| ddi.infoblox.dhcp.dhcpd |
|---|
|
ddi.infoblox.dhcp.dhcpdField in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'ddi.infoblox.dhcp.dhcpd' |
| str
| | signature | message_type | | strsrcIp
| | source_ip | - | | Code Block |
|---|
null(ip4('0.0.0.0')) |
| ip4srcHost
| | source_hostname | - | | strdestMac
| | destination_mac | - | | strsrcMac
| | source_mac | - | | str
| | description | - | | strleaseIpAddress
| | lease_ip | leaseIpAddress | | strleaseHardwareAddress
| | lease_mac | leaseHardwareAddress | | str
| | message | message | | str
| | rawSource | rawMessage | | str
| | rawTagged | rawMessage tag | | Code Block |
|---|
tag + ": " + rawMessage |
| str
| | rawMessage | rawMessage | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
| Anchor |
|---|
| dhcp.bluecat.dhcpd |
|---|
| dhcp.bluecat.dhcpd |
|---|
|
dhcp.bluecat.dhcpdField in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'dhcp.bluecat.dhcpd' |
| str
| | signature | signature | | strsrcIp
| | source_ip | srcIp | | ip4srcHost
| | source_hostname | - | | strdestMac
| | destination_mac | destMac | | strsrcMac
| | source_mac | srcMac | | str
| | description | - | | strleaseIpAddress
| | lease_ip | - | | strleaseHardwareAddress
| | lease_mac | - | | str
| | message | message | | str
| | rawSource | rawSource | | str
| | rawTagged | rawTagged | | str
| | rawMessage | rawMessage | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
| Anchor |
|---|
| dhcp.infoblox.stdout |
|---|
| dhcp.infoblox.stdout |
|---|
|
dhcp.infoblox.stdoutField in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'dhcp.infoblox.stdout' |
| str
| | signature | packet | | strsrcIp
| | source_ip | - | | Code Block |
|---|
null(ip4('0.0.0.0')) |
| ip4srcHost
| | source_hostname | - | | strdestMac
| | destination_mac | - | | strsrcMac
| | source_mac | - | | str
| | description | - | | strleaseIpAddress
| | lease_ip | leaseIpAddress | | strleaseHardwareAddress
| | lease_mac | leaseHardwareAddress | | str
| | message | message | | str
| | rawSource | rawSource | | str
| | rawTagged | rawTagged | | str
| | rawMessage | rawMessage | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
[ dhcp.microsoft.ip4 ] [ dhcp.microsoft.ip6 ] [ dhcp.unix.stdout ] | Anchor |
|---|
| dhcp.microsoft.ip4 |
|---|
| dhcp.microsoft.ip4 |
|---|
|
dhcp.microsoft.ip4Field in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'dhcp.infoblox.ip4' |
| str
| | signature | - | | strsrcIp
| | source_ip | srcIp | | ip4srcHost
| | source_hostname | srcHost | | strdestMac
| | destination_mac | - | | strsrcMac
| | source_mac | srcMac | | str
| | description | description | | strleaseIpAddress
| | lease_ip | - | | strleaseHardwareAddress
| | lease_mac | - | | str
| | message | - | | str
| | rawSource | - | | str
| | rawTagged | rawTagged | | str
| | rawMessage | rawMessage | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
| Anchor |
|---|
| dhcp.microsoft.ip6 |
|---|
| dhcp.microsoft.ip6 |
|---|
|
dhcp.microsoft.ip6Field in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'dhcp.infoblox.ip6' |
| str
| | signature | - | | strsrcIp
| | source_ip | srcIp6 | | ip4srcHost
| | source_hostname | - | | strdestMac
| | destination_mac | - | | strsrcMac
| | source_mac | - | | str
| | description | description | | strleaseIpAddress
| | lease_ip | - | | strleaseHardwareAddress
| | lease_mac | - | | str
| | message | - | | str
| | rawSource | rawSource | | str
| | rawTagged | rawTagged | | str
| | rawMessage | rawSource | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
| Anchor |
|---|
| dhcp.unix.stdout |
|---|
| dhcp.unix.stdout |
|---|
|
dhcp.unix.stdoutField in union table | Field in source table | Field transformation | Data type | Extra fields |
|---|
eventdate | eventdate | | timestamp
| | source | - | | Code Block |
|---|
'dhcp.unix.stdout' |
| str
| | signature | - | | strsrcIp
| | source_ip | - | | Code Block |
|---|
null(ip4('0.0.0.0')) |
| ip4srcHost
| | source_hostname | - | | strdestMac
| | destination_mac | - | | strsrcMac
| | source_mac | - | | str
| | description | - | | strleaseIpAddress
| | lease_ip | leaseIpAddress | | strleaseHardwareAddress
| | lease_mac | leaseHardwareAddress | | str
| | message | - | | str
| | rawSource | rawSource | | str
| | rawTagged | rawTagged | | str
| | rawMessage | rawSource | | str
| | hostchain | hostchain | | str
| ✓ | tag | tag | | str
| ✓ |
| 
