test_system.json

{
  "input": {
    "message": "1,2024/01/12 22:47:26,016201000000,SYSTEM,vpn,2222,2024/01/12 22:47:27,,test-event,,0,0,general,informational,\"unknown test peer\",55555555555555555,0x0,0,0,0,0,,test-1,0,0,2024-01-12T22:47:27.652+11:00"
  },
  "expected": {
    "message": "1,2024/01/12 22:47:26,016201000000,SYSTEM,vpn,2222,2024/01/12 22:47:27,,test-event,,0,0,general,informational,\"unknown test peer\",55555555555555555,0x0,0,0,0,0,,test-1,0,0,2024-01-12T22:47:27.652+11:00",
    "event": {
      "category": [
        "network"
      ],
      "dataset": "system",
      "reason": "unknown test peer",
      "type": [
        "info"
      ]
    },
    "@timestamp": "2024-01-12T11:47:27.652000Z",
    "action": {
      "name": "test-event",
      "type": "vpn"
    },
    "log": {
      "hostname": "test-1",
      "level": "informational",
      "logger": "system"
    },
    "observer": {
      "name": "test-1",
      "product": "PAN-OS",
      "serial_number": "016201000000"
    },
    "paloalto": {
      "DGHierarchyLevel1": "0",
      "DGHierarchyLevel2": "0",
      "DGHierarchyLevel3": "0",
      "DGHierarchyLevel4": "0",
      "EventID": "test-event",
      "Threat_ContentType": "vpn"
    }
  }
}