Cortex Data Lake Schema Reference
  • Cortex Data Lake Schema Reference
  • Strata Logging Service Documentation
  • All Documentation
>
DNS Security CEF Fields
Focus
Download PDF
Focus
  1. Home
  2. Strata Logging Service
  3. Cortex Data Lake Schema Reference
  4. Network Logs
  5. DNS Security
  6. DNS Security CEF Fields
Download PDF
Strata Logging Service

DNS Security CEF Fields

Table of Contents

DNS Security CEF Fields

The following table identifies the DNS Security field names that the Log Forwarding app uses when you forward logs using the CEF log format.
CEF Name
Field Details
act
Query Name: action.​value
Header Type: Predefined
Max Length: 63
PanOSCortexDataLakeTenantID
Query Name: customer_id
Header Type: Custom
PanOSDNSResolverIP
Query Name: dest_ip.​value
Header Type: Custom
PanOSDNSResponse
Query Name: dns_response
Header Type: Custom
PanOSDNSResponseCode
Query Name: dns_response_code
Header Type: Custom
duser
Query Name: dst_user
Header Type: Predefined
Max Length: 1023
cs5
Query Name: dst_zone
Header Type: Predefined
Max Length: 4000
request
Query Name: fqdn
Header Type: Predefined
Max Length: 1023
cs4
Query Name: from_zone
Header Type: Predefined
Max Length: 4000
PanOSThreatID
Query Name: gtid
Header Type: Custom
PanOSLogSource
Query Name: log_source
Header Type: Custom
LogSourceGroupID
Query Name: log_source_group_id
Header Type: Custom
Max Length: 255
deviceExternalID
Query Name: log_source_id
Header Type: Predefined
Max Length: 255
rt
Query Name: log_time
Header Type: Predefined
DeviceEventClassID
Query Name: log_type.​value
Header Type: Custom
PanOSPanoramaSN
Query Name: panorama_serial
Header Type: Custom
PlatformType
Query Name: platform_type
Header Type: Custom
PanOSDNSSecuityVersion
Query Name: protocol
Header Type: Custom
PanOSRecordType
Query Name: record_type
Header Type: Custom
src
Query Name: source_ip.​value
Header Type: Predefined
suser
Query Name: source_user
Header Type: Predefined
Max Length: 1023
Name
Query Name: sub_type.​value
Header Type: Custom
cat
Query Name: threat_name
Header Type: Predefined
Max Length: 1023
start
Query Name: time_generated
Header Type: Predefined
cn3
Query Name: total_time_elapsed
Header Type: Predefined
Device Vendor
Query Name: vendor_name
Header Type: Custom
PanOSDNSCategory
Query Name: verdict.​value
Header Type: Custom

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.