Fields


The following is a list of all fields supported by BMC AMI Defender.

Name/(Filter) is the name that you code as an operand of the FIELDS parameter. If a filter type is shown in parentheses, the name can also be coded as an operand of a FILTer or MATCH parameter, and the value in parentheses is the type of filtering available on the field. For more information, see Filtering in and filtering out events. Most field names are the same as, or similar to, the IBM SMF record field names. Field names suffixed with a D are textual descriptions. For example, SMF80EVTQD is the SMF Type 80 record fields SMF80EVT and SMF80EVQ converted to text.

The FIELDS parameter is not case-sensitive; field names can be specified in upper, lower, or mixed case.

The tag or CEF name is the tag as it appears in a syslog message, and optionally the standard CEF name if the field has one (see Common Event Format (CEF) in the "Proprietary syslog format extensions" topic). Tags in this section are presented in mixed case (see TAGCase in the "OPTIONS statement" topic).

This section contains the following topics:

 
