API1 common fields

You can specify these fields in the FIELDS parameter of any EVENT statement.

Name
 (Filter)

Tag
 CEF Name

Description

EventNonSMFIdent
 (Integer)

EventNonSMFIdent

API1 event identifier

Used to send non-SMF, event-record identifier values to the Security Information and Event Management (SIEM) service.

EventNonSMFLength
 (Integer)

Len

Length of the API1 record

Defined as a Universal field but valid only for non-SMF (API 1) events.

EventNonSMFMinor
 (Integer)

EventNonSMFMinor

Minor event type

Defined as a Universal field but valid only for non-SMF (API 1) events.

EventNonSMFSeverity
 (Integer)

EventNonSMFSeverity

Severity (API1 Events only)

Defined as a Universal field but valid only for non-SMF (API 1) events.

EventNonSMFSubType
 (Integer)

EventNonSMFSubType

Subtype if non-SMF

Defined as a Universal field but valid only for non-SMF (API 1) events.


Related topic

 FIELDS-parameter

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*