Common fields
These fields appear in the syslog message across all protocols:
| Field | Description |
|---|---|
| id.orig_h | The client IP address involved in a connection. |
| id.orig_p | The client TCP or UDP port used for a connection. |
| id.resp_h | The server IP address involved in a connection. |
| id.resp_p | The server TCP or UDP port used for a connection. |
| pkt_num | The packet number within a network flow. |
| tenant_id | The identifier for a tenant associated with an event. |
| ts | The timestamp of the packet that triggered the log record, indicating when the event occurred. |
| uid | A unique connection ID that enables you to correlate log records related to the same network flow. |
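
The following added example (not part of the original documentation) shows how the common fields can be used to correlate records from the same flow: it groups records by `uid`, orders them by `ts` and `pkt_num`, and summarizes each flow. It assumes each syslog line carries the fields as a JSON object after the header and that `ts` is epoch seconds; the sample lines, the `parse_line`, `correlate` and `summarize` helpers, and the choice to key on `tenant_id` together with `uid` are assumptions made for illustration.

```python
import json
from collections import defaultdict

# Constructed sample lines. The JSON payload layout is an assumption.
_A = '"uid": "CAAA111", "tenant_id": "t-1", "id.orig_h": "10.0.0.5", "id.orig_p": 49152, "id.resp_h": "10.0.1.20", "id.resp_p": 502'
_B = '"uid": "CBBB222", "tenant_id": "t-1", "id.orig_h": "10.0.0.9", "id.orig_p": 50100, "id.resp_h": "10.0.1.20", "id.resp_p": 44818'
SAMPLE_LINES = [
    '<134>Jan 10 12:00:03 sensor1 app: {"ts": 1704888003.5, "pkt_num": 12, %s}' % _A,
    '<134>Jan 10 12:00:01 sensor1 app: {"ts": 1704888001.25, "pkt_num": 7, %s}' % _A,
    '<134>Jan 10 12:00:02 sensor1 app: {"ts": 1704888002.0, "pkt_num": 3, %s}' % _B,
    '<134>Jan 10 12:00:04 sensor1 app: {"ts": 17048880',  # truncated in transit
]

def parse_line(line):
    """Return the JSON payload of one syslog line, or None if missing or malformed."""
    start = line.find("{")
    if start == -1:
        return None
    try:
        rec = json.loads(line[start:])
    except json.JSONDecodeError:
        return None  # e.g. a message cut off by the syslog transport
    return rec if isinstance(rec, dict) and "uid" in rec else None

def correlate(lines):
    """Group records by (tenant_id, uid) and order each group by ts, then pkt_num."""
    flows = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is not None:
            # Keying on tenant_id as well avoids merging flows across tenants.
            flows[(rec.get("tenant_id"), rec["uid"])].append(rec)
    for recs in flows.values():
        recs.sort(key=lambda r: (r.get("ts", 0), r.get("pkt_num", 0)))
    return dict(flows)

def summarize(recs):
    """Describe one correlated flow using the common fields of its records."""
    first, last = recs[0], recs[-1]
    return {
        "client": "%s:%s" % (first["id.orig_h"], first["id.orig_p"]),
        "server": "%s:%s" % (first["id.resp_h"], first["id.resp_p"]),
        "first_ts": first["ts"],
        "last_ts": last["ts"],
        "records": len(recs),
    }

if __name__ == "__main__":
    for key, recs in correlate(SAMPLE_LINES).items():
        print(key, summarize(recs))
```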