All EDRs generated by
n2svcd applications use a common EDR Format.
The specific field names and values are application-specific and documented per-application.
EDRs generated by
n2svcd applications are contained in files like so:
Each filename has multiple underscore-separated parts, in order:
- The EDR stream key (
stream2above), representing the application’s configured EDR stream key, either from its
default_edr_stream_keyparameter or derived otherwise from within the application logic.
- The hostname of the machine that is running
- The timestamp that the EDR file was opened at, including microseconds.
- The process ID of the writing process. If multiple-process service daemon is enabled, this will be the N2SVCD application. Otherwise, it will be the EDR Application.