Mappings: Cisco Meraki Security Filtering Disposition Change - Custom Parser
Input | Value |
---|---|
Vendor | Cisco |
Product | Meraki |
Log Format | JSON |
Event ID Regex Pattern | security_filtering_disposition_change |
Output | Value |
---|---|
Vendor | Cisco Systems |
Product | Meraki |
Record Type | Notification |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
action | action | |
device_hostname | syslog_device_name | |
file_basename | name | |
file_hash_sha256 | sha256 | |
threat_name | disposition | |
timestamp | syslog_timestamp | We expect the orginal record value of syslog_timestamp is in the format epoch_float |