Syslog
Raw syslog messages (RFC 3164/5424) from any device or Unix-like system, unparsed but time-stamped and tagged.
Enginsight Global Fields (4)
Field | Description | Type |
---|---|---|
ngs.id | Unique identifier for the log entry. | string |
ngs.createdAt | Timestamp when the event was created locally. | pdate |
ngs.indexedAt | Timestamp when the log was indexed into the SIEM. | pdate |
ngs.source | Origin or source system of the log. | string |
Reference-Specific Fields (14)
Field | Type |
---|---|
syslog.severity | pint |
syslog.facility | pint |
syslog.priority | pint |
syslog.version | pint |
syslog.app_name | text_general |
syslog.proc_id | text_general |
syslog.msg_id | text_general |
syslog.structured_data | text_general |
syslog.message | text_general |
syslog.content | text_general |
syslog.tag | text_general |
syslog.hostname | text_general |
syslog.timestamp | pdate |
syslog.client | text_general |
Sample Log Event
Below is a representative JSON log entry showing key fields as they’re emitted by the system. Depending on the context of the event, some fields may be omitted if they’re not applicable.