FIELDS parameter
The following is a list of all fields supported by BMC AMI Defender.
For each statement, a table presents the following information:
- Name (Filter)—This column of the table lists the names of the operands and, where available, the type of filter. Code the name as one of the operands of a FIELDS parameter. If a filter type is displayed in parentheses, then filtering is available for the operand—you code the name as one of the operands of a FILTer or MATCH parameter, and you can filter according to the type. For more information, see Filtering in and filtering out events.
Most field names are the same as, or similar to, the IBM SMF record field names. Field names that end with a D are textual descriptions. For example, SMF80EVTQD is the SMF type 80 record fields SMF80EVT and SMF80EVQ converted to text.
The FIELDS parameter is not case-sensitive and you can specify field names in upper-, lower-, or mixed case.
- Tag, CEF name—This column of the table lists the tags as they appear in a syslog message and, if applicable, the standard CEF names. For more information, see Common Event Format (CEF) in the "Proprietary syslog format extensions" topic. Tags are displayed in mixed case (see TAGCase in the "OPTIONS statement" topic).
- Description—This column of the table presents the descriptions of the operands. Many of the descriptions are the same as, or similar to, the IBM descriptions. Where relevant, the source of the descriptions is cited.
This section contains the following topics: