Output Dictionary
The Output Dictionary is the translation engine of NFO. Every downstream platform (Splunk, Sentinel, Elasticsearch) has its own preferred naming convention for network fields. The Dictionary allows you to map NFO’s output field names to the specific schema required by your destination.

Custom field names, if specified, apply to both syslog key=value pairs and JSON field names.
Click on the Data set link and override the names you want, or Download the entire list as a CSV file, make changes, and Upload.
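Because a custom name is used in both the syslog key=value output and the JSON output, it is worth checking an edited list for unsafe or colliding names before uploading it. The following is an added example, not NFO code: the two-column CSV layout, the field names, and the naming rule are assumptions made for illustration.

```python
import csv
import io
import json
import re

# Conservative rule (an assumption, not an NFO requirement): a name that is
# safe as a syslog key=value key and as a JSON field name.
SAFE_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_.]*$")

# Constructed sample; the column layout and field names are hypothetical.
SAMPLE_CSV = """nfo_field,output_name
src_ip,source.ip
dest_ip,destination.ip
src_port,source port
bytes_in,source.ip
protocol,
"""

def check_dictionary(csv_text):
    """Return (mapping, problems) for an edited dictionary CSV."""
    mapping, problems, seen = {}, [], {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        field = (row.get("nfo_field") or "").strip()
        # An empty override keeps the default field name.
        name = (row.get("output_name") or "").strip() or field
        if not SAFE_NAME.match(name):
            # Spaces or '=' in a key break key=value parsing downstream.
            problems.append(f"{field}: unsafe output name {name!r}")
            continue
        if name in seen:
            # Two source fields under one name overwrite each other.
            problems.append(f"{field}: {name!r} already used by {seen[name]}")
            continue
        seen[name] = field
        mapping[field] = name
    return mapping, problems

def render(record, mapping):
    """Render one record as key=value and as JSON using the same names."""
    renamed = {mapping.get(k, k): v for k, v in record.items()}
    kv = " ".join(f"{k}={v}" for k, v in renamed.items())
    return kv, json.dumps(renamed)

if __name__ == "__main__":
    mapping, problems = check_dictionary(SAMPLE_CSV)
    print("\n".join(problems))
    print(*render({"src_ip": "10.0.0.1", "protocol": "tcp"}, mapping), sep="\n")
```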
