...
These are the valid tags and corresponding data tables that will receive the parsers' data:
Tag | Data table |
|---|
auth.pingjumpcloud.iddirectory.mfaevents | auth.pingjumpcloud.id.mfa |
auth.ping.federate.security_audit | auth.ping.federate.security_audit |
directory.events |
| |
Table structure
| Rw ui tabs macro |
|---|
Field | Type | Extra Label |
|---|
eventdate | timestamp | no | hostname | str | no | initiated_by__id | str | no | initiated_by__type | str | no | initiated_by__email | str | no | initiated_by__username | str | no | initiated_by__source | str | no | initiated_by__source_metadata__name | str | no | geoip__country_code | str | no | geoip__timezone | str | no | geoip__latitude | float8 | no | geoip__continent_code | str | no | geoip__region_name | str | no | geoip__region_code | str | no | geoip__longitude | float8 | no | resource__id | str | no | resource__type | str | no | resource__username | str | no | changes | str | no | auth_method | str | no | success | bool | no | mfa | bool | no | event_type | str | no | provider | str | no | service | str | no | organization | str | no | at_version | str | no | client_ip | ip4 | no | id | str | no | user_agent__patch | str | no | user_agent__minor | str | no | user_agent__os | str | no | user_agent__major | str | no | user_agent__build | str | no | user_agent__name | str | no | user_agent__os_name | str | no | user_agent__device | str | no | association__type | str | no | association__id | str | no | association__email | str | no | timestamp | timestamp | no | hostchain | str | ✓ | tag | str | ✓ | rawMessage | str | ✓ |
Field | Value | Extra field | eventdate | timestamp
| - | hostname | str
| - | action | str
| - | actors__type_str | str
| - | actors__id_str | str
| - | actors__name_str | str
| - | source | str
| - | id | str
| - | client2 | str
| - | result__status | str
| - | result__message | str
| - | recorded | str
| - | hostchain | str
| ✓ | tag | str
| ✓ | rawMessage | str
| ✓ |
|
