Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
DNS Security CEF Fields
Updated on
Fri Oct 25 11:24:38 UTC 2024
Focus
Download PDF
Updated on
Fri Oct 25 11:24:38 UTC 2024
Focus
Home
Strata Logging Service
Network Logs
DNS Security
DNS Security CEF Fields
Download PDF
Strata Logging Service
DNS Security CEF Fields
Table of Contents
Filter
Expand All
|
Collapse All
Strata Logging Service Docs
Activation & Onboarding
Administration
Release Notes
Log Reference
Previous
DNS Security Syslog Default Field Order
Next
DNS Security EMAIL Fields
DNS Security CEF Fields
The following table identifies the DNS Security field names that the Log Forwarding app uses when you forward logs using the CEF log format.
CEF Name
Field Details
act
Query Name:
action.value
Header Type:
Predefined
Max Length:
63
PanOSCortexDataLakeTenantID
Query Name:
customer_id
Header Type:
Custom
PanOSDNSResolverIP
Query Name:
dest_ip.value
Header Type:
Custom
PanOSDNSResponse
Query Name:
dns_response
Header Type:
Custom
PanOSDNSResponseCode
Query Name:
dns_response_code
Header Type:
Custom
duser
Query Name:
dst_user
Header Type:
Predefined
Max Length:
1023
cs5
Query Name:
dst_zone
Header Type:
Predefined
Max Length:
4000
request
Query Name:
fqdn
Header Type:
Predefined
Max Length:
1023
cs4
Query Name:
from_zone
Header Type:
Predefined
Max Length:
4000
PanOSThreatID
Query Name:
gtid
Header Type:
Custom
PanOSLogSource
Query Name:
log_source
Header Type:
Custom
LogSourceGroupID
Query Name:
log_source_group_id
Header Type:
Custom
Max Length:
255
deviceExternalID
Query Name:
log_source_id
Header Type:
Predefined
Max Length:
255
rt
Query Name:
log_time
Header Type:
Predefined
DeviceEventClassID
Query Name:
log_type.value
Header Type:
Custom
PanOSPanoramaSN
Query Name:
panorama_serial
Header Type:
Custom
PlatformType
Query Name:
platform_type
Header Type:
Custom
PanOSDNSSecuityVersion
Query Name:
protocol
Header Type:
Custom
PanOSRecordType
Query Name:
record_type
Header Type:
Custom
src
Query Name:
source_ip.value
Header Type:
Predefined
suser
Query Name:
source_user
Header Type:
Predefined
Max Length:
1023
Name
Query Name:
sub_type.value
Header Type:
Custom
cat
Query Name:
threat_name
Header Type:
Predefined
Max Length:
1023
start
Query Name:
time_generated
Header Type:
Predefined
cn3
Query Name:
total_time_elapsed
Header Type:
Predefined
Device Vendor
Query Name:
vendor_name
Header Type:
Custom
PanOSDNSCategory
Query Name:
verdict.value
Header Type:
Custom
Previous
DNS Security Syslog Default Field Order
Next
DNS Security EMAIL Fields