Could you show us some images from parser\policy configuration to explain your problem?
Ask support for a document titled "How to write a McAfee ESM Custom Parser and troubleshoot a data source.pdf" and see if that helps.
I don't know if either "interface" is a defined Type or not ( not near an ESM ) but if it is not you'll need to crate a "Custom Type" ESM Properties --> Custom Types. Then in your parser rules you should be able to regex match and map to those values to the proper field. Although, not sure if that will/can be included in Advance details but it will definitely show up in the Custom Types tab in the event details which you can then trigger/correlate based on those matches.