Enginsight Loggernaut (SIEM)
Enginsight Loggernaut logs showing ingestion status, parsing errors, throughput metrics and retention policies applied to collected logs.
EnginsightGlobal Fields (4)
| Field | Type |
|---|---|
ngs.id Unique identifier for the log entry. | string |
ngs.createdAt Timestamp when the event was created locally. | pdate |
ngs.indexedAt Timestamp when the log was indexed into the SIEM. | pdate |
ngs.source Origin or source system of the log. | string |
Reference-Specific Fields (22)
| Field | Type |
|---|---|
ngs.loggernaut.Category | string |
ngs.loggernaut.Action | string |
ngs.loggernaut.QTime | plong |
ngs.loggernaut.NumFound | pint |
ngs.loggernaut.Query | text_general |
ngs.loggernaut.Filter | text_general |
ngs.loggernaut.FacetType | string |
ngs.loggernaut.FacetField | text_general |
ngs.loggernaut.ITime | plong |
ngs.loggernaut.ETime | plong |
ngs.loggernaut.Size | plong |
ngs.loggernaut.NumIndexed | pint |
ngs.loggernaut.WorkflowName | text_general |
ngs.loggernaut.WTime | plong |
ngs.loggernaut.NumQueried | plong |
ngs.loggernaut.AccessKeyId | string |
ngs.loggernaut.CachedLogs | plong |
ngs.loggernaut.CachedGroupCombinations | plong |
ngs.loggernaut.Start | pdate |
ngs.loggernaut.End | pdate |
ngs.loggernaut.WorkflowType | string |
ngs.loggernaut.WorkflowID | string |
Sample Log Event
Below is a representative JSON log entry showing key fields as they’re emitted by the system. Depending on the context of the event, some fields may be omitted if they’re not applicable.