Versions Compared

Old Version 6

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version 7

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Rw ui tabs macro

Rw tab
title46-50

Anchor
tag46
tag46
cloud.office365.reporting.messagetrace

Field

Type

Extra fields

eventdate

timestamp

hostname

str

organization

str

messageId

str

received

timestamp

senderAddress

str

recipientAddress

str

subject

str

status

str

toIP

ip4

fromIP

ip4

size

int4

messageTraceId

str

startDate

timestamp

endDate

timestamp

index

int4

hostchain

str

tag

str

rawMessage

str

Anchor
tag47
tag47
cloud.office365.reporting.safelinksdetail

Field

Type

Extra fields

eventdate

timestamp

hostname

str

clicktime

timestamp

internalmessageid

str

clientmessageid

str

senderaddress

str

recipientaddress

str

url

str

urldomain

str

flags

int4

action

str

appname

str

sourceid

str

organization

str

detectedby

str

urltype

str

startdate

timestamp

enddate

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag48
tag48
cloud.office365.reporting.spoofmail

Field

Type

Extra fields

eventdate

timestamp

hostname

str

organization

str

domain

str

date

timestamp

eventtype

str

direction

str

action

str

messagecount

int4

summarizeby

str

spoofedsender

str

truesender

str

senderip

str

sendinginfrastructure

str

startdate

timestamp

enddate

timestamp

aggregateby

str

index

int4

spooftype

str

source

str

adminoverride

str

compauthresult

str

compauthreason

str

spfauthstatus

str

dkimauthstatus

str

dmarcauthstatus

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag49
tag49
cloud.office365.security.scorecontrol

Field

Type

Extra fields

eventdate

timestamp

hostname

str

id

str

azureTenantId

str

actionType

str

actionUrl

str

controlCategory

str

title

str

deprecated

bool

implementationCost

str

lastModifiedDateTime

str

maxScore

float8

rank

int4

remediation

str

remediationImpact

str

service

str

threats

str

tier

str

userImpact

str

vendorInformation__provider

str

vendorInformation__providerVersion

str

vendorInformation__subProvider

str

vendorInformation__vendor

str

complianceInformation

str

controlStateUpdates

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag50
tag50
cloud.office365.security.scores

Field

Type

Extra fields

eventdate

timestamp

hostname

str

id

str

azureTenantId

str

activeUserCount

int4

createdDateTime

timestamp

currentScore

float8

enabledServices

str

licensedUserCount

int4

maxScore

float8

vendorInformation__provider

str

vendorInformation__providerVersion

str

vendorInformation__subProvider

str

vendorInformation__vendor

str

averageComparativeScores

str

controlScores

str

hostchain

str

tag

str

rawMessage

str

Rw tab
title51-55

Anchor
tag51
tag51
cloud.office365.securitycompliancecenter

Field

Type

Extra fields

eventdate

timestamp

hostname

str

CreationTime

timestamp

Id

str

Operation

str

OrganizationId

str

RecordType

int4

UserKey

str

UserType

int4

Version

int4

Workload

str

UserId

str

AadAppId

str

DataType

str

DatabaseType

str

RelativeUrl

str

ResultCount

str

ResultStatus

str

ObjectId

str

AlertId

str

AlertLinks

str

AlertType

str

Category

str

Comments

str

Data

str

Name

str

PolicyId

str

Severity

str

Source

str

Status

str

SecurityComplianceCenterEventType

int4

ClientApplication

str

CmdletVersion

str

EffectiveOrganization

str

NonPIIParameters

str

Parameters

str

StartTime

timestamp

UserServicePlan

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag52
tag52
cloud.office365.sharepoint

Field

Type

Extra fields

eventdate

timestamp

hostname

str

CreationTime

timestamp

Id

str

Operation

str

OrganizationId

str

RecordType

int4

UserKey

str

UserType

int4

Version

int4

Workload

str

ClientIP

ip4

ObjectId

str

UserId

str

CorrelationId

str

EventSource

str

ItemType

str

ListId

str

ListItemUniqueId

str

Site

str

UserAgent

str

WebId

str

EventData

str

TargetUserOrGroupType

str

UniqueSharingId

str

SiteUrl

str

SourceRelativeUrl

str

TargetUserOrGroupName

str

ApplicationId

str

SourceFileExtension

str

SourceFileName

str

HighPriorityMediaProcessing

bool

hostchain

str

tag

str

rawMessage

str

Anchor
tag53
tag53
cloud.office365.siem_agent_alert

Field

Type

Extra fields

eventdate

timestamp

hostname

str

embDeviceVendor

str

embDeviceProduct

str

deviceVersion

str

signatureID

str

name

str

severity

str

rt

timestamp

requestClientApplication

str

start

timestamp

end

timestamp

destinationServiceName

str

externalId

str

dvc

ip4

suser

str

msg

str

portalURL

str

uniqueServiceAppIds

str

relatedAudits

str

policyIDs

str

deviceIPv6Address

str

riskScore

int8

rawMessage

str

hostchain

str

Anchor
tag54
tag54
cloud.office365.siem_agent_event

Field

Type

Extra fields

eventdate

timestamp

hostname

str

embDeviceVendor

str

embDeviceProduct

str

deviceVersion

str

signatureID

str

name

str

severity

str

rt

timestamp

requestClientApplication

str

start

timestamp

end

timestamp

destinationServiceName

str

externalId

str

dvc

ip4

suser

str

msg

str

portalURL

str

uniqueServiceAppIds

str

targetObjects

str

policyIDs

str

deviceIPv6Address

str

rawMessage

str

hostchain

str

Anchor
tag55
tag55
cloud.office365.teams

Field

Type

Extra fields

eventdate

timestamp

hostname

str

CreationTime

timestamp

Id

str

Operation

str

OrganizationId

str

RecordType

int4

UserKey

str

UserType

int4

Version

int4

Workload

str

UserId

str

AddOnGuid

str

AddOnType

int4

AppDistributionMode

str

OperationScope

int4

TargetUserId

str

AddOnName

str

ClientIP

ip4

ChatThreadId

str

CommunicationType

str

ExtraProperties

str

MessageId

str

MessageVersion

str

ItemName

str

MessageURLs

str

Name

str

TeamGuid

str

NewValue

str

OldValue

str

TeamName

str

hostchain

str

tag

str

rawMessage

str