IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« panw fields PostgreSQL fields »
Elastic Docs Filebeat Reference [8.5] Exported fields

Pensando fields

IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Pensando fields

pensando Module

pensando

Fields from Pensando logs.

dfw

Fields for Pensando DFW

pensando.dfw.action

Action on the flow.

type: keyword

pensando.dfw.app_id

Application ID

type: integer

pensando.dfw.destination_address

Address of destination.

type: keyword

pensando.dfw.destination_port

Port of destination.

type: integer

pensando.dfw.direction

Direction of the flow

type: keyword

pensando.dfw.protocol

Protocol of the flow

type: keyword

pensando.dfw.rule_id

Rule ID that was matched.

type: keyword

pensando.dfw.session_id

Session ID of the flow

type: integer

pensando.dfw.session_state

Session state of the flow.

type: keyword

pensando.dfw.source_address

Source address of the flow.

type: keyword

pensando.dfw.source_port

Source port of the flow.

type: integer

pensando.dfw.timestamp

Timestamp of the log.

type: date

« panw fields PostgreSQL fields »