CEFParser

Parses CEF data into the context. Outputs will display only the 7 mandatory fields even if the CEF event includes many other custom or extended fields.

Script Data#


NameDescription
Script Typejavascript
TagsUtility

Inputs#


Argument NameDescription
dataThe data that contains the CEF rows.

Outputs#


PathDescriptionType
CEFEvent.cefVersionThe CEF version.Unknown
CEFEvent.vendorThe product vendor.Unknown
CEFEvent.productThe product name.Unknown
CEFEvent.versionThe product version.Unknown
CEFEvent.signatureIDThe signature ID for the alert, if relevant.Unknown
CEFEvent.nameThe alert name.Unknown
CEFEvent.severityThe alert severity.Unknown