WEBSERVER


The “webserver” data model provided below aligns with the most commonly used Web Servers and their log formats. Read more about how to use the DNIF Data Model

$Fields Possible Values Description
$EventID   A unique identifier for the event generated
$DstIP   The IP Address which is targeted
$TXLen   The length or size of the transmitted message
$SystemTstamp   The system time during which the event was generated
$URL   The URL ( Uniform Resource Locator ) or web address which was being accessed
$App   Name of the application
$SrcPort   The port number, from which the host seems to be targeted . For example, 80 ( HTTP ) or 22 ( SSH )
$BaseURL   The URL ( Uniform Resource Locator ) or web address which was being accessed
$LogLevel ERROR , INFORMATION , CRITICAL … Signifies the priority of the event detected
$HTTPMethod   The HTTP Method used during the HTTP Request
$SystemName   Name of the system/host machine
$User   Name of the user using the application
$SrcIP   The source IP Address of the event
$UserAgent   Name of the application acting on behalf of user
$HTTPReferer   The referral URL from which the traffic was re-directed from.