Table of Contents | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Valid tags and data tables
The full tag must have 4 levels. The first two are fixed ascdn.akamai
. The third level identifies the type of events sent, and the fourth level indicates the event subtype.
These are the valid tags and corresponding data tables that will receive the parsers' data:
Product / Service | Tags | Data tables |
---|---|---|
Akamai CDN |
|
|
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
Regarding Cloud Monitor API service, this technology uses a single tag to support all of the data elements used in the Cloud Monitor default connectors. The tag is cdn.akamai.cloudmonitor
and the associated events are saved in Devo in a table of the same name.
For more information, read more about Devo tags.
How is the data sent to Devo?
Cloud Monitor sends event data in JSON format via HTTPs POST requests. For complete instructions, see the vendor documentation online.
...
Rw ui tabs macro | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Field | Type | Field transformation |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
|
|
| |||
type |
|
|
| |||
format |
|
|
| |||
version |
|
|
| |||
id |
|
|
| |||
timestamp_epoch |
|
|
| |||
timestamp |
|
|
| |||
cp |
|
|
| |||
network_networkType |
|
|
| |||
network_edgeIP |
|
| network_edgeIP2 | |||
network_asnum |
|
| network_asnum2 | |||
network_network |
|
|
| |||
reqHdr_referer |
|
|
| |||
reqHdr_cookie |
|
|
| |||
AnalysisUserId |
|
|
| |||
bm_sv |
|
|
| |||
ak_bmsc |
|
|
| |||
akamai_ro |
|
|
| |||
reqHdr_accEnc |
|
|
| |||
reqHdr_accLang |
|
|
| |||
reqHdr_conn |
|
|
| |||
reqHdr_auth |
|
|
| |||
reqHdr_DNT |
|
|
| |||
reqHdr_cacheCtl |
|
|
| |||
reqHdr_expect |
|
|
| |||
reqHdr_ifMod |
|
|
| |||
reqHdr_ifNone |
|
|
| |||
reqHdr_ifRange |
|
|
| |||
reqHdr_range |
|
|
| |||
reqHdr_te |
|
|
| |||
reqHdr_upgrade |
|
|
| |||
reqHdr_via |
|
|
| |||
reqHdr_xFrwdFor |
|
|
| |||
reqHdr_xReqWith |
|
|
| |||
geo_lat |
|
| geo_lat2 | |||
geo_country |
|
|
| |||
geo_region |
|
|
| |||
geo_long |
|
| geo_long2 | |||
geo_city |
|
|
| |||
netPerf_asnum |
|
| netPerf_asnum2 | |||
netPerf_cacheStatus |
|
| netPerf_cacheStatus2 | |||
netPerf_lastMileRTT |
|
| netPerf_lastMileRTT2 | |||
netPerf_downloadTime |
|
| netPerf_downloadTime2 | |||
netPerf_edgeIP |
|
| netPerf_edgeIP2 | |||
netPerf_lastByte |
|
| netPerf_lastByte2 | |||
netPerf_firstByte |
|
| netPerf_firstByte2 | |||
netPerf_midMileLatency |
|
| netPerf_midMileLatency2 | |||
netPerf_midMileRTT |
|
| netPerf_midMileRTT2 | |||
netPerf_netOriginLatency |
|
| netPerf_netOriginLatency2 | |||
respHdr_contEnc |
|
|
| |||
respHdr_cacheCtl |
|
|
| |||
respHdr_contLang |
|
|
| |||
respHdr_server |
|
|
| |||
respHdr_date |
|
|
| |||
respHdr_setCookie |
|
|
| |||
respHdr_conn |
|
|
| |||
respHdr_Sampled |
|
|
| |||
respHdr_UA |
|
|
| |||
respHdr_accRange |
|
|
| |||
respHdr_acs_tput |
|
|
| |||
respHdr_allow |
|
|
| |||
respHdr_allowOrigin |
|
|
| |||
respHdr_application |
|
|
| |||
respHdr_asnum |
|
|
| |||
respHdr_bytes |
|
|
| |||
respHdr_cache_frags |
|
|
| |||
respHdr_city |
|
|
| |||
respHdr_cliIP |
|
|
| |||
respHdr_clientTLSSNIName |
|
|
| |||
respHdr_contDisp |
|
|
| |||
respHdr_contRange |
|
|
| |||
respHdr_denyData |
|
|
| |||
respHdr_denyRules |
|
|
| |||
respHdr_eTag |
|
|
| |||
respHdr_edgeIP |
|
|
| |||
respHdr_expires |
|
|
| |||
respHdr_fwdHost |
|
|
| |||
respHdr_fwd_bytes |
|
|
| |||
respHdr_lastByte |
|
|
| |||
respHdr_lastMod |
|
|
| |||
respHdr_lat |
|
|
| |||
respHdr_long |
|
|
| |||
respHdr_network |
|
|
| |||
respHdr_networkType |
|
|
| |||
respHdr_parent_tput |
|
|
| |||
respHdr_peer_tput |
|
|
| |||
respHdr_reqHost |
|
|
| |||
respHdr_reqMethod |
|
|
| |||
respHdr_reqPath |
|
|
| |||
respHdr_reqPort |
|
|
| |||
respHdr_respCT |
|
|
| |||
respHdr_retry |
|
|
| |||
respHdr_sslVer |
|
|
| |||
respHdr_status |
|
|
| |||
respHdr_vary |
|
|
| |||
respHdr_wafDenyData |
|
|
| |||
respHdr_wafDenyRules |
|
|
| |||
respHdr_wwwAuth |
|
|
| |||
respHdr_xPwrdBy |
|
|
| |||
message_status |
|
| message_status2 | |||
message_cliIP |
|
| message_cliIP2 | |||
message_protoVer |
|
| message_protoVer2 | |||
message_proto |
|
|
| |||
message_respCT |
|
|
| |||
message_reqQuery |
|
|
| |||
message_bytes |
|
| message_bytes2 | |||
message_reqPath |
|
|
| |||
message_respLen |
|
| message_respLen2 | |||
message_reqPort |
|
| message_reqPort2 | |||
message_reqHost |
|
|
| |||
message_reqMethod |
|
|
| |||
message_sslVer |
|
|
| |||
message_UA |
|
|
| |||
message_fwdHost |
|
|
| |||
message_redirURL |
|
|
| |||
message_reqCT |
|
|
| |||
message_reqLen |
|
|
| |||
message_URL |
|
| message_proto message_reqHost message_reqPort message_reqPath | |||
waf_denyData |
|
|
| |||
waf_denyRules |
|
|
| |||
waf_denyDor |
|
|
| |||
waf_model |
|
|
| |||
waf_oft |
|
|
| |||
waf_pAction |
|
|
| |||
waf_pRate |
|
|
| |||
waf_policy |
|
|
| |||
waf_riskGroups |
|
|
| |||
waf_riskScores |
|
|
| |||
waf_riskTuples |
|
|
| |||
waf_rsr |
|
|
| |||
waf_ruleSet |
|
|
| |||
waf_ver |
|
|
| |||
waf_warnData |
|
|
| |||
waf_warnRules |
|
|
| |||
waf_warnTags |
|
|
| |||
waf_warnSlrs |
|
|
| |||
Custom_warnData_Username |
|
|
| |||
content_Custom_BOT_ANOMALY_BEHAVIOR |
|
|
| |||
content_Custom_warnDataEmail |
|
|
| |||
content_Custom_warnDataEmpID |
|
|
| |||
content_Custom_warnDataFirstName |
|
|
| |||
content_Custom_warnDataHireDate |
|
|
| |||
content_Custom_warnDataLastName |
|
|
| |||
content_Reputation |
|
|
| |||
content_trace_ParentSpanId |
|
|
| |||
content_trace_Sampled |
|
|
| |||
content_trace_SpanId |
|
|
| |||
content_trace_SpanName |
|
|
| |||
content_trace_TraceId |
|
|
| |||
content_trace_application |
|
|
| |||
originalJson |
|
| rawMessage | |||
hostchain |
|
|
| ✓ | ||
tag |
|
|
| ✓ | ||
rawMessage |
|
|
| ✓ |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Extra fields |
---|---|---|
eventdate |
|
|
event_data |
|
|
event_id |
|
|
event_time |
|
|
event_type__event_definition__event_definition_id |
|
|
event_type__event_definition__event_description |
|
|
event_type__event_definition__event_name |
|
|
event_type__event_type_id |
|
|
event_type__event_type_name |
|
|
impersonator |
|
|
username |
|
|
hostchain |
| ✓ |
tag |
| ✓ |
rawMessage |
| ✓ |
Anchor | ||||
---|---|---|---|---|
|
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
|
|
| |||
type |
|
|
| |||
format |
|
|
| |||
version |
|
|
| |||
id |
|
| id_tmp reqId_tmp | |||
reqId |
|
| id_tmp reqId_tmp | |||
timestamp |
|
| timestamp_tmp timestamp2_tmp | |||
timestamp_epoch |
|
| timestamp2_epoch_tmp timestamp_epoch_tmp | |||
reqTimeSec |
|
| timestamp_epoch | |||
cp |
|
|
| |||
network_networkType |
|
|
| |||
network_edgeIP |
|
| network_edgeIP2 edgeIP2 | |||
edgeIP |
|
| network_edgeIP2 edgeIP2 | |||
network_edgeIPStr |
|
| network_edgeIPStr2 edgeIPStr2 | |||
edgeIPStr |
|
| network_edgeIPStr2 edgeIPStr2 | |||
network_asnum |
|
| network_asnum2 | |||
network_network |
|
|
| |||
reqHdr_referer |
|
|
| |||
reqHdr_cookie |
|
|
| |||
AnalysisUserId |
|
|
| |||
bm_sv |
|
|
| |||
ak_bmsc |
|
|
| |||
akamai_ro |
|
|
| |||
reqHdr_accEnc |
|
|
| |||
reqHdr_accLang |
|
|
| |||
reqHdr_conn |
|
|
| |||
reqHdr_basic_username |
|
|
| |||
reqHdr_authHash |
|
|
| |||
reqHdr_auth |
|
|
| |||
reqHdr_DNT |
|
|
| |||
reqHdr_cacheCtl |
|
|
| |||
reqHdr_expect |
|
|
| |||
reqHdr_ifMod |
|
|
| |||
reqHdr_ifNone |
|
|
| |||
reqHdr_ifRange |
|
|
| |||
reqHdr_range |
|
|
| |||
reqHdr_te |
|
|
| |||
reqHdr_upgrade |
|
|
| |||
reqHdr_via |
|
|
| |||
reqHdr_xFrwdFor |
|
|
| |||
reqHdr_xReqWith |
|
|
| |||
reqHdr_jwt |
|
|
| |||
reqHdr_jwt_kid |
|
|
| |||
reqHdr_jwt_trust |
|
|
| |||
reqHdr_jwt_iat |
|
|
| |||
reqHdr_jwt_exp |
|
|
| |||
reqHdr_jwt_iss |
|
|
| |||
reqHdr_jwt_jti |
|
|
| |||
reqHdr_jwt_lat |
|
|
| |||
reqHdr_jwt_aud |
|
|
| |||
reqHdr_jwt_sub |
|
|
| |||
reqHdr_jwt_sbt |
|
|
| |||
reqHdr_jwt_source |
|
|
| |||
reqHdr_cookies_length |
|
|
| |||
reqHdr_cookies_count |
|
|
| |||
reqHdr_cookies_items_anonymousId |
|
|
| |||
reqHdr_jwt_scp_str |
|
| reqHdr_jwt_scp | |||
reqHdr_jwt_prn |
|
|
| |||
reqHdr_jwt_prt |
|
|
| |||
geo_lat |
|
| geo_lat2 | |||
geo_country |
|
|
| |||
country |
|
| geo_country | |||
geo_region |
|
|
| |||
geo_long |
|
| geo_long2 | |||
geo_city |
|
|
| |||
city |
|
| geo_city | |||
netPerf_asnum |
|
| netPerf_asnum2 | |||
netPerf_cacheStatus |
|
| netPerf_cacheStatus2 | |||
cacheStatus |
|
| netPerf_cacheStatus | |||
netPerf_lastMileRTT |
|
| netPerf_lastMileRTT2 | |||
netPerf_downloadTime |
|
| netPerf_downloadTime2 | |||
netPerf_edgeIP |
|
| netPerf_edgeIP2 | |||
netPerf_lastByte |
|
| netPerf_lastByte2 | |||
netPerf_firstByte |
|
| netPerf_firstByte2 | |||
netPerf_midMileLatency |
|
| netPerf_midMileLatency2 | |||
netPerf_midMileRTT |
|
| netPerf_midMileRTT2 | |||
netPerf_netOriginLatency |
|
| netPerf_netOriginLatency2 | |||
respHdr_contEnc |
|
|
| |||
respHdr_cacheCtl |
|
|
| |||
respHdr_contLang |
|
|
| |||
respHdr_server |
|
|
| |||
respHdr_date |
|
|
| |||
respHdr_setCookie |
|
|
| |||
respHdr_conn |
|
|
| |||
respHdr_Sampled |
|
|
| |||
respHdr_UA |
|
|
| |||
respHdr_accRange |
|
|
| |||
respHdr_acs_tput |
|
|
| |||
respHdr_allow |
|
|
| |||
respHdr_allowOrigin |
|
|
| |||
respHdr_application |
|
|
| |||
respHdr_asnum |
|
|
| |||
respHdr_bytes |
|
|
| |||
respHdr_cache_frags |
|
|
| |||
respHdr_city |
|
|
| |||
respHdr_cliIP |
|
|
| |||
respHdr_clientTLSSNIName |
|
|
| |||
respHdr_contDisp |
|
|
| |||
respHdr_contRange |
|
|
| |||
respHdr_denyData |
|
|
| |||
respHdr_denyRules |
|
|
| |||
respHdr_eTag |
|
|
| |||
respHdr_edgeIP |
|
|
| |||
respHdr_expires |
|
|
| |||
respHdr_fwdHost |
|
|
| |||
respHdr_fwd_bytes |
|
|
| |||
respHdr_lastByte |
|
|
| |||
respHdr_lastMod |
|
|
| |||
respHdr_lat |
|
|
| |||
respHdr_long |
|
|
| |||
respHdr_network |
|
|
| |||
respHdr_networkType |
|
|
| |||
respHdr_parent_tput |
|
|
| |||
respHdr_peer_tput |
|
|
| |||
respHdr_reqHost |
|
|
| |||
respHdr_reqMethod |
|
|
| |||
respHdr_reqPath |
|
|
| |||
respHdr_reqPort |
|
|
| |||
respHdr_respCT |
|
|
| |||
respHdr_retry |
|
|
| |||
respHdr_sslVer |
|
|
| |||
respHdr_status |
|
|
| |||
respHdr_vary |
|
|
| |||
respHdr_wafDenyData |
|
|
| |||
respHdr_wafDenyRules |
|
|
| |||
respHdr_wwwAuth |
|
|
| |||
respHdr_xPwrdBy |
|
|
| |||
message_status |
|
| message_status2 statusCode_tmp | |||
statusCode |
|
| message_status2 statusCode_tmp | |||
message_cliIP |
|
| message_cliIP2 | |||
cliIP |
|
| message_cliIP | |||
message_cliIPStr |
|
|
| |||
message_protoVer |
|
| message_protoVer2 | |||
proto |
|
|
| |||
message_proto |
|
|
| |||
message_respCT |
|
| message_respCT_tmp rspContentType_tmp | |||
rspContentType |
|
| message_respCT_tmp rspContentType_tmp | |||
message_reqQuery |
|
| queryStr_tmp message_reqQuery_tmp | |||
queryStr |
|
| queryStr_tmp message_reqQuery_tmp | |||
message_bytes |
|
| message_bytes2 | |||
bytes |
|
| message_bytes | |||
message_reqPath |
|
|
| |||
reqPath |
|
| message_reqPath | |||
message_respLen |
|
| message_respLen2 rspContentLen_tmp | |||
rspContentLen |
|
| message_respLen2 rspContentLen_tmp | |||
message_reqPort |
|
| message_reqPort2 | |||
reqPort |
|
| message_reqPort | |||
message_reqHost |
|
|
| |||
reqHost |
|
| message_reqHost | |||
message_reqMethod |
|
|
| |||
reqMethod |
|
| message_reqMethod | |||
message_sslVer |
|
| tlsVersion_tmp message_sslVer_tmp | |||
tlsVersion |
|
| tlsVersion_tmp message_sslVer_tmp | |||
message_UA |
|
|
| |||
UA |
|
| message_UA | |||
message_fwdHost |
|
|
| |||
message_redirURL |
|
|
| |||
message_reqCT |
|
|
| |||
message_reqLen |
|
|
| |||
waf_denyData |
|
|
| |||
waf_denyRules |
|
|
| |||
waf_denyDor |
|
|
| |||
waf_model |
|
|
| |||
waf_oft |
|
|
| |||
waf_pAction |
|
|
| |||
waf_pRate |
|
|
| |||
waf_policy |
|
|
| |||
waf_riskGroups |
|
|
| |||
waf_riskScores |
|
|
| |||
waf_riskTuples |
|
|
| |||
waf_rsr |
|
|
| |||
waf_ruleSet |
|
|
| |||
waf_ver |
|
|
| |||
waf_warnData |
|
|
| |||
waf_warnRules |
|
|
| |||
waf_warnTags |
|
|
| |||
waf_warnSlrs |
|
|
| |||
Custom_warnData_Username |
|
|
| |||
content_Custom_BOT_ANOMALY_BEHAVIOR |
|
|
| |||
content_Custom_warnDataEmail |
|
|
| |||
content_Custom_warnDataEmpID |
|
|
| |||
content_Custom_warnDataFirstName |
|
|
| |||
content_Custom_warnDataHireDate |
|
|
| |||
content_Custom_warnDataLastName |
|
|
| |||
content_Reputation |
|
|
| |||
content_trace_ParentSpanId |
|
|
| |||
content_trace_Sampled |
|
|
| |||
content_trace_SpanId |
|
|
| |||
content_trace_SpanName |
|
|
| |||
content_trace_TraceId |
|
|
| |||
content_trace_application |
|
|
| |||
content_Custom_Log_Reference_Error |
|
|
| |||
content_Custom_Log_Custom_FirstName |
|
|
| |||
content_Custom_Log_Custom_LastName |
|
|
| |||
content_Custom_Log_Custom_Email |
|
|
| |||
content_Custom_Log_Custom_Username |
|
|
| |||
content_Custom_Log_Custom_Phone |
|
|
| |||
tlsOverheadTimeMSec |
|
| tlsOverheadTimeMSec_tmp | |||
objSize |
|
| objSize_tmp | |||
uncompressedSize |
|
| uncompressedSize_tmp | |||
overheadBytes |
|
| overheadBytes_tmp | |||
totalBytes |
|
| totalBytes_tmp | |||
accLang |
|
|
| |||
cookie |
|
|
| |||
range |
|
|
| |||
referer |
|
|
| |||
xForwardedFor |
|
|
| |||
maxAgeSec |
|
| maxAgeSec_tmp | |||
reqEndTimeMSec |
|
| reqEndTimeMSec_tmp | |||
errorCode |
|
|
| |||
customField |
|
|
| |||
state |
|
|
| |||
turnAroundTimeMSec |
|
| turnAroundTimeMSec_tmp | |||
transferTimeMSec |
|
| transferTimeMSec_tmp | |||
dnsLookupTimeMSec |
|
| dnsLookupTimeMSec_tmp | |||
billingRegion |
|
|
| |||
serverCountry |
|
|
| |||
streamId |
|
|
| |||
breadcrumbs |
|
|
| |||
lastByte |
|
|
| |||
edgeWorkers_usage |
|
|
| |||
edgeWorkers_execution |
|
|
| |||
securityRules |
|
|
| |||
originalJson |
|
| rawMessage | |||
hostchain |
|
|
| ✓ | ||
tag |
|
|
| ✓ | ||
rawMessage |
|
|
| ✓ |
Anchor |
---|
|
|
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
| |||||
type |
| |||||
format |
| |||||
version |
| |||||
attackData_configId |
| |||||
attackData_policyId |
| |||||
attackData_clientIP |
| |||||
attackData_rules |
| |||||
attackData_ruleVersions |
| |||||
attackData_ruleMessages |
| |||||
attackData_ruleTags |
| |||||
attackData_ruleData |
| |||||
attackData_ruleSelectors |
| |||||
attackData_ruleActions |
| |||||
attackData_ruleValues_rules |
|
| attackData_ruleValues_rules_array | |||
attackData_ruleValues_ruleVersions |
|
| attackData_ruleValues_ruleVersions_array | |||
attackData_ruleValues_ruleMessages |
|
| attackData_ruleValues_ruleMessages_array | |||
attackData_ruleValues_ruleTags |
|
| attackData_ruleValues_ruleTags_array | |||
attackData_ruleValues_ruleData |
|
| attackData_ruleValues_ruleData_array | |||
attackData_ruleValues_ruleSelectors |
|
| attackData_ruleValues_ruleSelectors_array | |||
attackData_ruleValues_ruleActions |
|
| attackData_ruleValues_ruleActions_array | |||
attackData_clientReputation |
| |||||
httpMessage_requestId |
| |||||
httpMessage_start |
| |||||
httpMessage_protocol |
| |||||
httpMessage_method |
| |||||
httpMessage_host |
| |||||
httpMessage_port |
| |||||
httpMessage_path |
| |||||
httpMessage_requestHeaders |
| |||||
httpMessage_status |
| |||||
httpMessage_bytes |
| |||||
httpMessage_responseHeaders |
| |||||
geo_continent |
| |||||
geo_country |
| |||||
geo_city |
| |||||
geo_regionCode |
| |||||
geo_asn |
| |||||
hostchain |
| ✓ | ||||
tag |
| ✓ | ||||
rawMessage |
| ✓ |