Parsers and Generated Fields
Tag Fields Created by Parser aws-waf
#Cps.version
#Vendor
#ecs.version
#event.dataset
#event.kind
#event.module
#event.outcome
#observer.type
Fields Identified by Parser aws-waf
| Vendor Field | CPS Field | Description |
|---|---|---|
| Vendor.action | event.action | Action taken by WAF |
| Vendor.httpRequest.requestId | http.request.id | Unique request identifier |
| Vendor.httpRequest.httpMethod | http.request.method | HTTP method used |
| Vendor.httpRequest.httpVersion | network.protocol, | HTTP protocol version, split into protocol and version |
| Vendor.terminatingRuleId | rule.id | WAF rule identifier |
| Vendor.terminatingRuleType | rule.ruleset | WAF rule type |
| Vendor.httpRequest.country | source.geo.country_iso_code | Country code of client IP |
| Vendor.httpRequest.clientIp | source.ip | Client IP address |
| Vendor.httpRequest.uri | url.path | Request URI path |
| Vendor.httpRequest.args | url.query | URL query parameters |