Document toolboxDocument toolbox

cloud.aws.cloudfront

Introduction

The tags beginning with cloud.aws.cloudfront identify events generated by AWS CloudFront.

Valid tags and data tables 

The full tag must have 4 levels. The first 3 are fixed as cloud.aws.cloudfront. The fourth level indicates the event subtype.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

AWS CloudFront

cloud.aws.cloudfront.rmtp_1

cloud.aws.cloudfront.rmtp_1

cloud.aws.cloudfront.web_1

cloud.aws.cloudfront.web_1

For more information, read more About Devo tags.

Table structure

These are the fields displayed in these tables:

cloud.aws.cloudfront.rmtp_1

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

ACCID

str

 

 

REGION

str

 

 

date

str

 

 

time

str

 

 

x_edge_location

str

 

 

c_ip

str

 

 

x_event

str

 

 

c_bytes

int8

 

 

x_cf_status

str

 

 

x_cf_client_id

str

 

 

cs_uri_stem

str

 

 

cs_uri_query

str

 

 

c_referrer

str

 

 

x_page_url

str

 

 

c_user_agent

str

 

 

x_sname

str

 

 

x_sname_query

str

 

 

x_file_ext

str

 

 

x_sid

str

 

 

message

str

rawMessage

 

hostchain

str

 

✓

tag

str

 

✓

rawMessage

str

 

✓

cloud.aws.cloudfront.web_1

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

ACCID

str

 

 

REGION

str

 

 

date

str

 

 

time

str

 

 

x_edge_location

str

 

 

sc_bytes

int8

 

 

c_ip

str

 

 

cs_method

str

 

 

cs_Host

str

 

 

cs_uri_stem

str

 

 

sc_status

int4

 

 

cs_Referer

str

 

 

cs_User_Agent

str

 

 

cs_uri_query

str

 

 

cs_Cookie

str

 

 

x_edge_result_type

str

 

 

x_edge_request_id

str

 

 

x_host_header

str

 

 

cs_protocol

str

 

 

cs_bytes

int8

 

 

time_taken

float8

 

 

x_forwarded_for

str

 

 

ssl_protocol

str

 

 

ssl_cipher

str

 

 

x_edge_response_result_type

str

 

 

cs_protocol_version

str

 

 

fle_status

str

 

 

fle_encrypted_fields

str

 

 

c_port

int8

 

 

time_to_first_byte

float8

 

 

x_edge_detailed_result_type

str

 

 

sc_content_type

str

 

 

sc_content_len

int8

 

 

sc_range_start

str

 

 

sc_range_end

str

 

 

message

str

rawMessage

 

hostchain

str

 

✓

tag

str

 

✓

rawMessage

str

 

✓