Key-Value Log Type
In the key-value log type, each field carries its own description (the key) alongside its value.
To create a log parser for key values:
- On the Test/Create page, click Create Custom Parser.
- On the Upload page, click Select File. Browse to and select a log file, and then click Upload.
- On the Preparation page, go to the Format tab. Select Key-Value for the Log File Type, and then click Next.
- On the Extraction page, go to the Structure tab. Select comma from the Key-Value Delimiter dropdown list, and then select equal sign from the Separator For Key Value Fields. When finished, click Next.
- On the Timestamp tab, enter a value, like Column 1, for the Timestamp Maps To field. Next, enter a Timestamp Format.
- On the Fields tab, select an option for the Source IP (required), Source (Src) Port, Destination IP, Destination Port, and Action, and map them to the required field from Skope IT. For example, if the Source IP is in column 6, select column 6 from the dropdown list for the Source IP. Do this for all fields you want to map.
- When finished, click Next.
- Click Test to process your log file. The results display on the tabs at the bottom of the page.
- Click Finish, enter a name for your custom parser, and then click Save.
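To see what the Structure, Timestamp and Fields settings above do to a single log line, the following added example (not the product's parser code) applies a comma delimiter, an equal-sign separator and a column mapping in Python. The sample line, its key names, the column numbers and the timestamp format are constructed for illustration.

```python
import ipaddress
from datetime import datetime

# Constructed sample line (not from a real device): comma-delimited pairs,
# "=" between key and value, and one quoted value that contains a comma.
SAMPLE = ('time=2024-03-05 14:22:01,dev=fw01,proto=tcp,msg="allowed, logged",'
          'rule=12,src=10.1.2.3,spt=51514,dst=203.0.113.10,dpt=443,act=allow')

# Hypothetical mapping mirroring the Timestamp and Fields tabs: column N is
# the Nth key-value pair on the line (1-based).
MAPPING = {"timestamp": 1, "src_ip": 6, "src_port": 7,
           "dst_ip": 8, "dst_port": 9, "action": 10}
TIMESTAMP_FORMAT = "%Y-%m-%d %H:%M:%S"  # assumed format for the sample line


def split_pairs(line, delimiter=",", separator="="):
    """Split a line into (key, value) columns, keeping quoted delimiters."""
    pairs, buf, quoted = [], [], False
    for ch in line.strip() + delimiter:
        if ch == '"':
            quoted = not quoted  # quotes protect delimiters and are dropped
        elif ch == delimiter and not quoted:
            key, sep, value = "".join(buf).partition(separator)
            if not sep:
                raise ValueError(f"column {len(pairs) + 1} has no {separator!r}")
            pairs.append((key.strip(), value.strip()))
            buf = []
        else:
            buf.append(ch)
    if quoted:
        raise ValueError("unterminated quote")
    return pairs


def parse_line(line, mapping=MAPPING, ts_format=TIMESTAMP_FORMAT):
    """Apply the column mapping and validate the mapped fields."""
    pairs = split_pairs(line)
    record = {f: pairs[c - 1][1] for f, c in mapping.items() if c <= len(pairs)}
    if not record.get("src_ip"):
        raise ValueError("Source IP is required but missing")
    record["timestamp"] = datetime.strptime(record["timestamp"], ts_format)
    for field in ("src_ip", "dst_ip"):
        if field in record:
            record[field] = str(ipaddress.ip_address(record[field]))
    for field in ("src_port", "dst_port"):
        if field in record:
            record[field] = int(record[field])
    return record
```

Counting the pairs in a sample line this way before opening the Fields tab shows which column number each field occupies, and a quoted value that contains the delimiter is the usual reason a mapping lands one column off.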