How to parse JSON from message field

{
  "headers": {},
  "message": "�\u0005Jan 15 15:54:00 10.104.65.41 date=2026-01-15 time=15:54:00 devname=\"FW_WAN_01\" devid=\"FG201\" eventtime=1768467240656260450 tz=\"+0700\" logid=\"1059028704\" type=\"utm\" subtype=\"app-ctrl\" eventtype=\"signature\" level=\"information\" vd=\"root\" appid=34789 srcip=10.104.20.90 srccountry=\"Reserved\" dstip=10.104.64.6 dstcountry=\"Reserved\" srcport=64970 dstport=161 srcintf=\"FW\" srcintfrole=\"lan\" dstintf=\"FW_To_CN\" dstintfrole=\"lan\" proto=17 service=\"SNMP\" direction=\"outgoing\" policyid=6 poluuid=\"05396f9a-68b9-51ee-33ca-88984c4540e0\" policytype=\"policy\" sessionid=1135813065 applist=\"ABC Profile\" action=\"pass\" appcat=\"Network.Service\" app=\"SNMP_GetRequest\" incidentserialno=2662716398 msg=\"Network.Service: SNMP_GetRequest\" apprisk=\"elevated\"Y�;��ۊ\u0018\u0012�\u0006R\u0000J\u00002\u001d\u0012\f",
  "message_key": null,
  "path": "/events",
  "timestamp": "2026-01-15T08:54:00.873Z"
}

Hi, I need help parsing JSON data from a log field. I'm using a YAML file for parsing. Currently, I don't know how to parse and extract data from the message fields. Please show me how to extract the message fields and then map them to ECS fields. Using a YAML file would be best. Thank you very much.
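The `message` field in the event above is not JSON itself: it is a syslog-style line (`Jan 15 15:54:00 10.104.65.41 ...`) carrying a FortiGate `key=value` record, wrapped in a JSON envelope by the collector. The stray bytes at both ends (`\ufffd\u0005` in front, `Y\ufffd;...` after `apprisk="elevated"`) are not part of the firewall record and look like transport framing the sender did not strip; the better fix is upstream, but a parser should tolerate them. Whichever YAML-configured tool does the work (Logstash's `kv` filter, an Elasticsearch ingest pipeline's `kv` processor, Vector's `parse_key_value`), the steps are the same: locate the payload, tokenize `key=value` and `key="quoted value"` pairs, convert types, rename into ECS. The Python below is an added illustration of those steps, not code from the original post, from Elastic or from Fortinet. It runs on a constructed copy of the sample event; the ECS target fields and the `fortinet.firewall.*` namespace for unmapped keys are my choices, loosely modelled on how the Elastic Fortinet integration names things, not a standard.

```python
import json
import re
from datetime import datetime, timezone
from typing import Any, Dict, Optional, Tuple

# Constructed copy of the event in the question (not captured data); the stray
# non-text bytes around the payload are written as escape sequences.
SAMPLE_EVENT: Dict[str, Any] = {
    "headers": {},
    "message": (
        "\ufffd\u0005Jan 15 15:54:00 10.104.65.41 date=2026-01-15 time=15:54:00 "
        'devname="FW_WAN_01" devid="FG201" eventtime=1768467240656260450 tz="+0700" '
        'logid="1059028704" type="utm" subtype="app-ctrl" eventtype="signature" '
        'level="information" vd="root" appid=34789 srcip=10.104.20.90 '
        'srccountry="Reserved" dstip=10.104.64.6 dstcountry="Reserved" srcport=64970 '
        'dstport=161 srcintf="FW" srcintfrole="lan" dstintf="FW_To_CN" dstintfrole="lan" '
        'proto=17 service="SNMP" direction="outgoing" policyid=6 '
        'poluuid="05396f9a-68b9-51ee-33ca-88984c4540e0" policytype="policy" '
        'sessionid=1135813065 applist="ABC Profile" action="pass" '
        'appcat="Network.Service" app="SNMP_GetRequest" incidentserialno=2662716398 '
        'msg="Network.Service: SNMP_GetRequest" apprisk="elevated"'
        "Y\ufffd;\ufffd\ufffd\u06ca\u0018\u0012\ufffd\u0006R\u0000J\u00002\u001d\u0012\f"
    ),
    "message_key": None,
    "path": "/events",
    "timestamp": "2026-01-15T08:54:00.873Z",
}

# key=value or key="quoted value". Keys are ASCII-only, so stray bytes around the
# payload can never be read as a field name; quoted values may contain \" escapes.
KV_RE = re.compile(
    r'\b(?P<key>[A-Za-z_][A-Za-z0-9_]*)=(?:"(?P<quoted>(?:[^"\\]|\\.)*)"|(?P<bare>\S+))'
)
# RFC 3164-style prefix right before the first key=value pair ("Jan 15 15:54:00 host ").
HEADER_RE = re.compile(
    r"(?P<mon>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?=[A-Za-z_][A-Za-z0-9_]*=)"
)

# FortiGate key -> (ECS field, type converter). My mapping choices, not a standard.
ECS_MAP: Dict[str, Tuple[str, Any]] = {
    "srcip": ("source.ip", str), "dstip": ("destination.ip", str),
    "srcport": ("source.port", int), "dstport": ("destination.port", int),
    "proto": ("network.iana_number", str), "app": ("network.application", str),
    "action": ("event.action", str), "logid": ("event.code", str),
    "level": ("log.level", str), "msg": ("message", str),
    "devname": ("observer.name", str), "devid": ("observer.serial_number", str),
    "srcintf": ("observer.ingress.interface.name", str),
    "dstintf": ("observer.egress.interface.name", str),
    "policyid": ("rule.id", str), "poluuid": ("rule.uuid", str),
    "applist": ("rule.ruleset", str),
}
IANA_TRANSPORT = {"1": "icmp", "6": "tcp", "17": "udp", "58": "ipv6-icmp"}
DIRECTION = {"incoming": "inbound", "outgoing": "outbound"}  # ECS network.direction values
EVENT_TYPE = {"pass": "allowed", "accept": "allowed", "deny": "denied", "block": "denied"}


def parse_message(message: str) -> Tuple[Optional[str], Dict[str, str]]:
    """Return (syslog hostname or None, {key: value}). Stray bytes are simply
    never matched, so no knowledge of the sender's framing is needed."""
    header = HEADER_RE.search(message)
    relay = header.group("host") if header else None
    fields = {
        m.group("key"): m.group("quoted") if m.group("quoted") is not None else m.group("bare")
        for m in KV_RE.finditer(message)
    }
    return relay, fields


def ns_to_iso(ns: str) -> str:
    """FortiGate eventtime is epoch nanoseconds; keep microsecond precision
    (a float conversion would lose digits at this magnitude)."""
    n = int(ns)
    dt = datetime.fromtimestamp(n // 10**9, tz=timezone.utc)
    return dt.replace(microsecond=(n % 10**9) // 1000).strftime("%Y-%m-%dT%H:%M:%S.%fZ")


def set_path(doc: Dict[str, Any], dotted: str, value: Any) -> None:
    """Write value at a dotted ECS path, creating nested objects as needed."""
    *parents, leaf = dotted.split(".")
    cur = doc
    for part in parents:
        cur = cur.setdefault(part, {})
    cur[leaf] = value


def to_ecs(event: Dict[str, Any]) -> Dict[str, Any]:
    relay, fields = parse_message(event["message"])
    doc: Dict[str, Any] = {}
    # Prefer the device's own clock; fall back to the collector's timestamp.
    ts = ns_to_iso(fields["eventtime"]) if "eventtime" in fields else event.get("timestamp")
    set_path(doc, "@timestamp", ts)
    set_path(doc, "event.original", event["message"])
    set_path(doc, "event.kind", "event")
    set_path(doc, "event.category", ["network"])
    if relay:
        set_path(doc, "log.syslog.hostname", relay)
    for key, value in fields.items():
        if key in ECS_MAP:
            target, convert = ECS_MAP[key]
            set_path(doc, target, convert(value))
        else:  # keep everything else, unchanged, under a vendor namespace
            set_path(doc, f"fortinet.firewall.{key}", value)
    if "proto" in fields:
        set_path(doc, "network.transport", IANA_TRANSPORT.get(fields["proto"], "unknown"))
    if "direction" in fields:
        set_path(doc, "network.direction", DIRECTION.get(fields["direction"], "unknown"))
    if fields.get("action") in EVENT_TYPE:
        set_path(doc, "event.type", [EVENT_TYPE[fields["action"]]])
    return doc


if __name__ == "__main__":
    print(json.dumps(to_ecs(SAMPLE_EVENT), indent=2))
```

Two details are worth carrying over to whatever `kv` parser you configure: split only on `key=value` tokens anchored on an ASCII key (so the framing bytes are ignored rather than producing junk fields), and take `@timestamp` from `eventtime` with its timezone from `tz`, since the collector's `timestamp` records arrival, not the event. Note also that `date`/`time` in the record are the device's local time (`+0700` here), which is why they read 15:54 while the UTC timestamp reads 08:54.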