Page Comparison

...

Product / Service	Tags	Data tables
Digital Guardian	`dlp.digitalguardian.arc.events`	`dlp.digitalguardian.arc.events`
	`dlp.digitalguardian.endpointdlp.alerts`	`dlp.digitalguardian.endpointdlp.alerts`
	`dlp.digitalguardian.endpointdlp.audit`	`dlp.digitalguardian.endpointdlp.audit`
	`dlp.digitalguardian.endpointdlp.classification`	`dlp.digitalguardian.endpointdlp.classification`
	`dlp.digitalguardian.endpointdlp.events`	`dlp.digitalguardian.endpointdlp.events`
	`dlp.digitalguardian.endpointdlp.alerts`	`dlp.digitalguardian.endpointdlp`
	`dlp.digitalguardian.networkdlp.events`	`dlp.digitalguardian.networkdlp.events`

For more information, read more about Devo tags.

...

Field	Type	Extra field	Source field name
eventdate	`timestamp`
type	`str`		vtype
message	`str`		rawSource
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓	rawSource

Field	Type	Extra field
eventdate	`timestamp`
hostname	`str`
incident_id	`str`
managed_device_id	`str`
number_of_incidents	`str`
incident_status	`str`
matched_policies_by_severity	`str`
action_taken	`str`
matches	`str`
protocol	`str`
http_url	`str`
inspected_document	`str`
source	`str`
source_ip	`ip4`
source_port	`str`
destination	`str`
destination_ip	`ip4`
destination_port	`str`
email_subject	`str`
email_sender	`str`
email_recipients	`str`
timestamp	`str`
managed_device_name	`str`
incidents_url	`str`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`

Versions Compared