CEFParser

Parses CEF data into the context. The outputs include only the 7 mandatory fields, even if the CEF event contains many other custom or extended fields.

Script Data


| Name | Description |
| --- | --- |
| Script Type | javascript |
| Tags | Utility |

Inputs


| Argument Name | Description |
| --- | --- |
| data | The data that contains the CEF rows. |

Outputs


| Path | Description | Type |
| --- | --- | --- |
| CEFEvent.cefVersion | The CEF version. | Unknown |
| CEFEvent.vendor | The product vendor. | Unknown |
| CEFEvent.product | The product name. | Unknown |
| CEFEvent.version | The product version. | Unknown |
| CEFEvent.signatureID | The signature ID for the alert, if relevant. | Unknown |
| CEFEvent.name | The alert name. | Unknown |
| CEFEvent.severity | The alert severity. | Unknown |
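
The following is an added example, not the CEFParser script's own code: a minimal JavaScript parser that extracts the seven mandatory fields listed above from each CEF row, decoding the `\|` and `\\` header escapes and ignoring the extension. The function names (`splitHeader`, `parseCefHeaders`) and the sample rows are constructed for illustration.

```javascript
// Added example: function names and sample rows are constructed, not from the script.
const FIELDS = ['cefVersion', 'vendor', 'product', 'version',
                'signatureID', 'name', 'severity'];

// Split the CEF header on unescaped pipes, decoding \| and \\ along the way.
// Stops after the 7th field so pipes inside the extension are never split on.
function splitHeader(body) {
  const parts = [];
  let cur = '';
  for (let i = 0; i < body.length && parts.length < FIELDS.length; i++) {
    const ch = body[i];
    if (ch === '\\' && (body[i + 1] === '|' || body[i + 1] === '\\')) {
      cur += body[++i];            // escaped pipe or backslash: keep the literal
    } else if (ch === '|') {
      parts.push(cur);             // unescaped pipe terminates the field
      cur = '';
    } else {
      cur += ch;
    }
  }
  if (parts.length < FIELDS.length) parts.push(cur); // row with no extension part
  return parts;
}

// Return one object per well-formed row; rows without all 7 fields are skipped.
function parseCefHeaders(data) {
  const events = [];
  for (const line of data.split(/\r?\n/)) {
    const start = line.indexOf('CEF:');            // tolerate a syslog prefix
    if (start === -1) continue;
    const parts = splitHeader(line.slice(start + 4));
    if (parts.length !== FIELDS.length) continue;  // truncated or malformed row
    const ev = {};
    FIELDS.forEach((f, i) => { ev[f] = parts[i].trim(); });
    events.push(ev);
  }
  return events;
}

// Constructed sample input: syslog-prefixed row, escaped pipes, truncated row.
const SAMPLE = [
  'Sep 19 08:26:10 host CEF:0|Security|threatmanager|1.0|100|worm successfully stopped|10|src=10.0.0.1 dst=2.1.2.2 spt=1232',
  'CEF:0|Acme|Gate\\|Way|2.3|42|Pipe \\| in name|5|msg=a|b',
  'CEF:0|Acme|Truncated|1.0|7',
].join('\n');

console.log(JSON.stringify(parseCefHeaders(SAMPLE), null, 2));
```

Because only the header is kept, extension keys such as `src` and `dst` in the first sample row do not appear in the result.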