Logs table
The table in the Logs > Log search > Log discovery view lists records according to search and filtering criteria.
By default, the table shows the EventTime, Message, and Hostname fields. You can add more fields to the table from the Available fields list. This list contains all fields available in your logs database.
The fields available for a record depend on the log source and how you process the data with NXLog Agent. However, all records contain the core fields.
Common fields
Apart from the core fields mentioned above, NXLog Agent contains a set of fields that are common to several input modules.
| Field | Type | Description |
|---|---|---|
|
A number indicating the type of event. Error codes are vendor-specific and especially useful for event correlation. |
|
|
The date and time of the event. |
|
|
This field describes the type of event according to the log source.
For example, for Windows events it represents the severity ( |
|
|
The event message. In most cases, it contains user-friendly information about the recorded event. |
|
|
The IP address of the remote host.
Available in network modules, such as |
|
|
The ID of the process that generated the event. † |
|
|
Severity name corresponding to the SeverityValue.
It can be one of |
|
|
NXLog Agent normalized severity value between 1 and 5. |
|
|
The application, service/daemon, or device that generated the event. |
† Some modules set the ProcessID field to a string, while others set it to an integer type.
NXLog Platform only accepts integer and string values that contain digits.
String values containing text result in an error.
Hexadecimal values, such as 0x3990, are replaced with 0.
Custom fields
NXLog Agent may create additional fields according to the data source and the configuration. All fields will be available to display as table columns or to search and filter the data.
See the relevant NXLog Agent module documentation for the list of fields the module creates.