Specifications   Search
CEE™ Common Event Expression: A Unified Event Language for Interoperability
CEE Website is in "Archive" status — read the announcement
 

About CEE

Documents

FAQs

CEE Language

Current Release

Previous Releases

CEE Community

CEE Board

Discussion Archive

News & Events

Calendar

Search the Site

CEE Language

Current Release

Specifications

Schemas

Downloads

Profiles

Versioning

Terminology

Implementations

Additional Information

Previous Releases

Terms of Use

Field Dictionary

field type description domain object
acct xs:string Account Name   account
acct_domain xs:string Account Domain   account
acct_fullname xs:string Account FullName   account
acct_id xs:string Account ID, User ID (uid)   account
bootid xs:string Producer Boot ID    
dev xs:string Device name   device
dev_links xs:string Device node links   device
dev_node xs:string Device node   device
driver xs:string System Kernel Driver Name   driver
dst hostname Destination Hostname net system
dst_ip ipAddress Destination IP Address net system
dst_mac macAddress Destination Mac Address net system
dst_port xs:unsignedShort Destination Network Port net system
dst_prefix_len xs:unsignedByte Destination IP Address Prefix Length net system
exe xs:string Binary process exe path    
file xs:string File Name   file
in_bytes xs:long Inbound (Ingress) Bytes   system
in_pkts xs:long Inbound (Ingress) Packet Count   system
out_bytes xs:long Outbound (Egress) Bytes   system
out_pkts xs:long Outbound (Egress) Packet Count   system
p_ip ipAddress Producer IP Address   system
p_mac macAddress Producer MAC Address   system
proc xs:string Process Name   process
proc_egid xs:string Process Effective Group ID (gid)   process
proc_euid xs:string Process Effective User ID (euid)   process
proc_gid xs:string Process Group ID   process
proc_id xs:string Process ID    
proc_uid xs:string Process User ID    
prod xs:string Product Name   product
proto_app xs:string Network Application Protocol Name net  
rcv_time xs:dateTime Event Record Receive Time   event
rec_id xs:string Event Record ID   event
rec_time xs:dateTime Event Record Record Time    
sess xs:string User Session ID    
src hostname Source Hostname net system
src_ip ipAddress Source IP Address net system
src_mac macAddress Source Mac Address net system
src_port xs:unsignedShort Source Transport Port net system
src_prefix_len xs:unsignedByte Source IP Address Prefix Length net system
subsystem xs:string System kernel subsystem    

BACK TO TOP

Page Last Updated: August 10, 2012