--- title: Suricata fields description: Module for handling the EVE JSON logs produced by Suricata. Fields from the Suricata EVE log file. Fields exported by the EVE JSON logs url: https://www.elastic.co/elastic/docs-builder/docs/3028/reference/beats/filebeat/exported-fields-suricata products: - Beats - Filebeat applies_to: - Elastic Cloud Serverless: Generally available - Elastic Stack: Generally available --- # Suricata fields Module for handling the EVE JSON logs produced by Suricata. ## suricata Fields from the Suricata EVE log file. ## eve Fields exported by the EVE JSON logs type: keyword type: keyword type: keyword type: boolean type: keyword type: boolean type: boolean type: keyword type: keyword type: boolean type: boolean type: keyword type: long type: keyword type: boolean type: boolean type: keyword type: keyword type: long type: long type: keyword type: keyword type: keyword type: keyword type: long type: long type: keyword type: long type: keyword type: keyword type: long type: keyword type: keyword type: keyword type: keyword Metadata about the alert. type: flattened type: keyword type: long type: long type: keyword type: long type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: date type: date type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: long type: date type: keyword type: keyword type: keyword type: boolean type: keyword type: keyword type: date type: keyword type: keyword type: keyword type: keyword type: keyword type: keyword type: long type: keyword type: keyword type: boolean type: long type: keyword type: keyword type: keyword type: keyword type: keyword