WordPress CMS¶
About¶
WordPress is software designed for everyone, emphasizing accessibility, performance, security, and ease of use. We believe great software should work with minimum set up, so you can focus on sharing your story, product, or services freely. The basic WordPress software is simple and predictable so you can easily get started. It also offers powerful features for growth and success. We believe in democratizing publishing and the freedoms that come with open source. Supporting this idea is a large community of people collaborating on and contributing to this project. The WordPress community is welcoming and inclusive. Our contributors’ passion drives the success of WordPress which, in turn, helps you reach your goals.
Product Details¶
Vendor URL: WordPress CMS
Product Type: Content Management System
Product Tier: Tier III
Integration Method: Custom
Integration URL: n/a
Log Guide: n/a
Parser Details¶
Log Format: Syslog with GROK filters
Expected Normalization Rate: 90%
Data Label: WORDPRESS_CMS
UDM Fields (list of all UDM fields leveraged in the Parser):
| Log File Field | UDM Field |
|---|---|
| clientip | principal.ip |
| http_client | network.http.user_agent |
| http_method | network.http.method |
| http_status | network.http.response_code |
| http_version | network.http.application_protocol |
| observer_app | observer.application |
| observer_host | observer.hostname |
| observer_host | target.hostname |
| referral_url | network.http.referral_url |
| target_url | target.url |
| urlpath | target.file.full_path |
Product Event Types¶
| Description | UDM Event Type |
|---|---|
| all events | NETWORK_HTTP |
Log Sample¶
10.0.0.7 website.domain1.com - [03/Mar/2022:18:44:52 +0000] "GET /filepath HTTP/1.0" 404 146 "-" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via website.domain2.com GoogleImageProxy)"
Sample Parsing¶
metadata.event_type = "NETWORK_HTTP"
metadata.vendor_name = "Wordpress"
metadata.product_name = "Wordpress CMS"
principal.ip = "10.0.0.7"
target.hostname = "website.domain1.com"
target.file.full_path = "/filepath"
observer.hostname = "website.domain1.com"
observer.application = "GoogleImageProxy"
network.application_protocol = "HTTP"
network.http.method = "GET"
network.http.referral_url = "website.domain2.com"
network.http.user_agent = "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0"
network.http.response_code: = "404"
Parser Alerting¶
This product currently does not have any Parser-based Alerting
Rules¶
Coming soon