Rw ui tabs macro
Rw tab
title21-25

Anchor
tag21
tag21
cloud.azure.aks.kube_controller_manager

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

timestamp

timestamp

ccpNamespace

str

UnderlayName

str

operationName

str

category

str

UnderlayClass

str

properties__log

str

properties__stream

str

properties__containerID

str

properties__pod

str

Environment

str

Cloud

str

attrs

str

resourceId

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag22
tag22
cloud.azure.aks.kube_scheduler

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

timestamp

timestamp

ccpNamespace

str

UnderlayName

str

operationName

str

category

str

UnderlayClass

str

properties__log

str

properties__stream

str

properties__containerID

str

properties__pod

str

Environment

str

Cloud

str

attrs

str

resourceId

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag23
tag23
cloud.azure.apimanagement.gatewaylogs

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

callerIpAddress

ip4

 

 

isRequestSuccess

bool

 

 

resourceId

str

 

 

location

str

 

 

Level

int4

 

 

operationName

str

 

 

correlationId

str

 

 

time

timestamp

Code Block
parsedate(time_str, ifthenelse(length(time_str) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time_str

category

str

 

 

durationMs

int4

 

 

properties__cache

str

 

 

properties__backendMethod

str

 

 

properties__backendResponseCode

int4

 

 

properties__productId

str

 

 

properties__method

str

 

 

properties__apimSubscriptionId

str

 

 

properties__backendTime

int4

 

 

properties__responseSize

int4

 

 

properties__backendUrl

str

 

 

properties__clientTlsVersion

str

 

 

properties__userId

str

 

 

properties__url

str

 

 

properties__responseCode

int4

 

 

properties__backendProtocol

str

 

 

properties__operationId

str

 

 

properties__clientProtocol

str

 

 

properties__apiRevision

str

 

 

properties__requestSize

int4

 

 

properties__apiId

str

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag24
tag24
cloud.azure.appgateway.access_log

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, ifthenelse(length(time) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time

resourceId

str

 

 

listenerName

str

 

 

ruleName

str

 

 

backendPoolName

str

 

 

backendSettingName

str

 

 

operationName

str

 

 

category

str

 

 

properties__instanceId

str

 

 

properties__clientIP

ip4

 

 

properties__clientPort

int4

 

 

properties__httpMethod

str

 

 

properties__originalRequestUriWithArgs

str

 

 

properties__requestUri

str

 

 

properties__requestQuery

str

 

 

properties__userAgent

str

 

 

properties__httpStatus

int4

 

 

properties__httpVersion

str

 

 

properties__receivedBytes

int4

 

 

properties__sentBytes

int4

 

 

properties__timeTaken

str

 

 

properties__transactionId

str

 

 

properties__sslEnabled

str

 

 

properties__sslCipher

str

 

 

properties__sslProtocol

str

 

 

properties__sslClientVerify

str

 

 

properties__sslClientCertificateFingerprint

str

 

 

properties__sslClientCertificateIssuerName

str

 

 

properties__serverRouted

str

 

 

properties__serverStatus

str

 

 

properties__serverResponseLatency

str

 

 

properties__originalHost

str

 

 

properties__host

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag25
tag25
cloud.azure.appgateway.administrative

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

roleLocation

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

operationName

str

 

 

category

str

 

 

resultType

str

 

 

resultSignature

str

 

 

durationMs

str

 

 

callerIpAddress

ip4

 

 

correlationId

str

 

 

identity__authorization__scope

str

 

 

identity__authorization__action

str

 

 

identity__authorization__evidence__role

str

 

 

identity__authorization__evidence__roleAssignmentScope

str

 

 

identity__authorization__evidence__roleAssignmentId

str

 

 

identity__authorization__evidence__roleDefinitionId

str

 

 

identity__authorization__evidence__principalId

str

 

 

identity__authorization__evidence__principalType

str

 

 

identity__claims__aud

str

 

 

identity__claims__iss

str

 

 

identity__claims__iat

str

 

 

identity__claims__nbf

str

 

 

identity__claims__exp

str

 

 

identity__claims__aio

str

 

 

identity__claims__appid

str

 

 

identity__claims__appidacr

str

 

 

identity__claims__groups

str

 

 

identity__claims__rh

str

 

 

identity__claims__uti

str

 

 

identity__claims__ver

str

 

 

identity__claims__xms_tcdt

str

 

 

identity__claims

json

 

 

level

str

 

 

properties__eventCategory

str

 

 

properties__entity

str

 

 

properties__message

str

 

 

properties__hierarchy

str

 

 

tenantId

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Rw tab
title26-30

Anchor
tag26
tag26
cloud.azure.appgateway.firewall_log

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

resourceId

str

 

 

operationName

str

 

 

timestamp

timestamp

Code Block
parsedate(time, ifthenelse(length(time) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time

category

str

 

 

properties__instanceId

str

 

 

properties__clientIp

ip4

 

 

properties__clientPort

str

 

 

properties__requestUri

str

 

 

properties__ruleSetType

str

 

 

properties__ruleSetVersion

str

 

 

properties__ruleId

str

 

 

properties__ruleGroup

str

 

 

properties__message

str

 

 

properties__action

str

 

 

properties__site

str

 

 

properties__details__message

str

 

 

properties__details__data

str

 

 

properties__details__file

str

 

 

properties__details__line

str

 

 

properties__hostname

str

 

 

properties__transactionId

str

 

 

properties__policyId

str

 

 

properties__policyScope

str

 

 

properties__policyScopeName

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag27
tag27
cloud.azure.appgateway.policy

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

roleLocation

str

timestamp

timestamp

resourceId

str

operationName

str

category

str

resultType

str

resultSignature

str

durationMs

str

callerIpAddress

ip4

correlationId

str

identity__authorization__scope

str

identity__authorization__action

str

identity__authorization__evidence__role

str

identity__authorization__evidence__roleAssignmentScope

str

identity__authorization__evidence__roleAssignmentId

str

identity__authorization__evidence__roleDefinitionId

str

identity__authorization__evidence__principalId

str

identity__authorization__evidence__principalType

str

identity__claims__aud

str

identity__claims__iss

str

identity__claims__iat

str

identity__claims__nbf

str

identity__claims__exp

str

identity__claims__aio

str

identity__claims__appid

str

identity__claims__appidacr

str

identity__claims__groups

str

identity__claims__rh

str

identity__claims__uti

str

identity__claims__ver

str

identity__claims__xms_tcdt

str

identity__claims

json

properties__isComplianceCheck

str

properties__resourceLocation

str

properties__ancestors

str

properties__policies

json

properties__eventCategory

str

properties__entity

str

properties__message

str

properties__hierarchy

str

level

str

tenantId

str

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag28
tag28
cloud.azure.appservice.access_audit

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

ResourceId

str

 

 

Category

str

 

 

OperationName

str

 

 

Properties_User

str

 

 

Properties_UserDisplayName

str

 

 

Properties_UserAddress

ip4

 

 

Properties_Protocol

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag29
tag29
cloud.azure.appservice.administrative

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

roleLocation

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

operationName

str

 

 

category

str

 

 

resultType

str

 

 

resultSignature

str

 

 

durationMs

str

 

 

callerIpAddress

ip4

 

 

correlationId

str

 

 

identity__authorization__scope

str

 

 

identity__authorization__action

str

 

 

identity__authorization__evidence__role

str

 

 

identity__authorization__evidence__roleAssignmentScope

str

 

 

identity__authorization__evidence__roleAssignmentId

str

 

 

identity__authorization__evidence__roleDefinitionId

str

 

 

identity__authorization__evidence__principalId

str

 

 

identity__authorization__evidence__principalType

str

 

 

identity__claims__aud

str

 

 

identity__claims__iss

str

 

 

identity__claims__iat

str

 

 

identity__claims__nbf

str

 

 

identity__claims__exp

str

 

 

identity__claims__aio

str

 

 

identity__claims__appid

str

 

 

identity__claims__appidacr

str

 

 

identity__claims__groups

str

 

 

identity__claims__rh

str

 

 

identity__claims__uti

str

 

 

identity__claims__ver

str

 

 

identity__claims__xms_tcdt

str

 

 

identity__claims

json

 

 

level

str

 

 

properties__statusCode

str

 

 

properties__serviceRequestId

str

 

 

properties__eventCategory

str

 

 

properties__entity

str

 

 

properties__message

str

 

 

properties__hierarchy

str

 

 

tenantId

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag30
tag30
cloud.azure.appservice.app

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

resource_id

str

 

 

category

str

 

 

timestamp

timestamp

 

 

level

str

 

 

operation_name

str

 

 

result_description

str

 

 

properties

json

 

 

properties_precise_date_time

timestamp

 

 

properties_resource_id

str

 

 

properties_stacktrace

str

 

 

properties_level

str

 

 

properties_source

str

 

 

properties_message

str

 

 

properties_web_site_instance_id

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Rw tab
title31-35

Rw tab
title35-40