Autonomous System Fields
editAutonomous System Fields
editAn autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the internet.
Autonomous System Field Details
editField | Description | Level |
---|---|---|
Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet. type: long example: |
extended |
|
[beta]
Use of the Organization name. type: keyword Multi-fields: * as.organization.name.text (type: match_only_text) example: |
extended |
Field Reuse
editThe as
fields are expected to be nested at:
-
client.as
-
destination.as
-
server.as
-
source.as
-
threat.enrichments.indicator.as
-
threat.indicator.as
Note also that the as
fields are not expected to be used directly at the root of the events.