...

| Tag | Data table |
| --- | --- |
| casb.netskope.alert | casb.netskope.alert |
| casb.proofpoint.event | casb.proofpoint.event |
Table structure

casb.proofpoint.alert

| Field | Type | Extra Label |
| --- | --- | --- |
| eventdate | timestamp | - |
| hostname | str | - |
| id | str | - |
| timestamp | timestamp | - |
| description | str | - |
| related_events__user_email | str | - |
| related_events__user_id | str | - |
| related_events__event_id | str | - |
| related_events__geo_location | str | - |
| related_events__user_agent | str | - |
| related_events__intelligence | str | - |
| related_events__timestamp | int8 | - |
| related_events__cloud_service | str | - |
| related_events__location | str | - |
| related_events__meta_data | json | - |
| related_events__meta_data__extracted_fields | str | - |
| related_events__event_classification__id | str | - |
| related_events__event_classification__sub_category | str | - |
| related_events__event_classification__threat | str | - |
| related_events__event_classification__category | str | - |
| related_events__full_name | str | - |
| tenantId | str | - |
| severity | str | - |
| type | str | - |
| title | str | - |
| subType | str | - |
| related_events_found | int4 | - |
| related_events_id | int4 | - |
| at_devo_environment | str | - |
| at_devo_pulling_id | str | - |
| hostchain | str | |
| tag | str | |
| rawMessage | str | |

How is the data sent to Devo?

...