IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
Autonomous System Fields
editAutonomous System Fields
editAn autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the internet.
Autonomous System Field Details
editField | Description | Level |
---|---|---|
Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet. type: long example: |
extended |
|
Organization name. type: keyword Multi-fields:
example: |
extended |
Field Reuse
editThe as
fields are expected to be nested at:
-
client.as
-
destination.as
-
server.as
-
source.as
-
threat.enrichments.indicator.as
-
threat.indicator.as
Note also that the as
fields are not expected to be used directly at the root of the events.