Page Comparison

...

cef0.skyformation.skyformationCloudAppsSecurity

Field	Type	Source field name	Extra fields
eventdate	`timestamp`
hostname	`str`
priorityCode	`str`
cefTag	`str`
cefVersion	`str`
embDeviceVendor	`str`
embDeviceProduct	`str`
deviceVersion	`str`
signatureID	`str`
name	`str`
severity	`str`
_cefVer	`str`
act	`str`
cat	`str`
cn1Label	`str`
cn1	`int8`
cs1Label	`str`
cs1	`str`
cs2Label	`str`
cs2	`str`
cs6Label	`str`
cs6	`str`
destinationServiceName	`str`
deviceInboundInterface	`str`
dhost	`str`
dpriv	`str`
dproc	`str`
duid	`str`
duser	`str`
dvchost	`str`
dvcpid	`int4`
end	`timestamp`
fileHash	`str`
filePath	`str`
fileType	`str`
fname	`str`
msg	`str`
oldFilePath	`str`
outcome	`str`
out	`int8`
proto	`str`
reason	`str`
requestClientApplication	`str`
requestCookies	`str`
requestMethod	`str`
request	`str`
shost	`str`
smac	`str`
sntdom	`str`
sourceServiceName	`str`
src	`str`
suid	`str`
suser	`str`
devicePayloadId	`str`
dtz	`str`
ext_Act	`str`
ext_AppId	`str`
ext_AttCnt	`str`
ext_AttSize	`str`
ext_ClientAppId	`str`
ext_ClientIP	`str`
ext_ClientIPAddress	`str`
ext_ClientInfoString	`str`
ext_ClientRequestId	`str`
ext_CreationTime	`str`
ext_Dir	`str`
ext_ExternalAccess	`str`
ext_Folders_0__FolderItems_0__InternetMessageId	`str`
ext_Folders_0__Id	`str`
ext_Folders_0__Path	`str`
ext_Id	`str`
ext_InternalLogonType	`str`
ext_Item_Attachments	`str`
ext_Item_Id	`str`
ext_Item_InternetMessageId	`str`
ext_Item_IsRecord	`str`
ext_Item_ParentFolder_Id	`str`
ext_Item_ParentFolder_Path	`str`
ext_Item_SizeInBytes	`str`
ext_Item_Subject	`str`
ext_LogonType	`str`
ext_LogonUserSid	`str`
ext_MailboxGuid	`str`
ext_MailboxOwnerSid	`str`
ext_MailboxOwnerUPN	`str`
ext_ModifiedProperties_0_	`str`
ext_MsgId	`str`
ext_MsgSize	`str`
ext_Operation	`str`
ext_OperationCount	`str`
ext_OperationProperties_0__Name	`str`
ext_OperationProperties_0__Value	`str`
ext_OperationProperties_1__Name	`str`
ext_OperationProperties_1__Value	`str`
ext_OrganizationId	`str`
ext_OrganizationName	`str`
ext_OriginatingServer	`str`
ext_Rcpt	`str`
ext_RcptActType	`str`
ext_RcptHdrType	`str`
ext_RecordType	`str`
ext_ResultStatus	`str`
ext_Sender	`str`
ext_SessionId	`str`
ext_Subject	`str`
ext_UserId	`str`
ext_UserKey	`str`
ext_UserType	`str`
ext_Version	`str`
ext_Workload	`str`
ext__action_taken_	`str`
ext__action_taken_by_	`str`
ext__admin_id_	`str`
ext__admin_role_	`str`
ext__asset_id_	`str`
ext__cloud_app_instance_	`str`
ext__event_category___tag	`str`
ext__event_type_	`str`
ext__event_type___tag	`str`
ext__event_type__description	`str`
ext__incident_id_	`str`
ext__involve_non_team_member_	`str`
ext__item_creator_	`str`
ext__item_name_	`str`
ext__item_owner_	`str`
ext__item_type_	`str`
ext__log_type_	`str`
ext__policy_rule_name_	`str`
ext__resource_value_new_	`str`
ext__resource_value_old_	`str`
ext__riskEventTypes_v2_	`str`
ext__source_ip_	`str`
ext__target_type_	`str`
ext_aCode	`str`
ext_acc	`str`
ext_action	`str`
ext_actor__tag	`str`
ext_actor_user__tag	`str`
ext_actor_user_account_id_	`str`
ext_actor_user_display_name_	`str`
ext_actor_user_email	`str`
ext_actor_user_team_member_id_	`str`
ext_appDisplayName	`str`
ext_appId	`str`
ext_appliedConditionalAccessPolicies_0__displayName	`str`
ext_appliedConditionalAccessPolicies_0__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_0__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_0__id	`str`
ext_appliedConditionalAccessPolicies_0__result	`str`
ext_appliedConditionalAccessPolicies_10__displayName	`str`
ext_appliedConditionalAccessPolicies_10__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_10__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_10__id	`str`
ext_appliedConditionalAccessPolicies_10__result	`str`
ext_appliedConditionalAccessPolicies_11__displayName	`str`
ext_appliedConditionalAccessPolicies_11__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_11__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_11__id	`str`
ext_appliedConditionalAccessPolicies_11__result	`str`
ext_appliedConditionalAccessPolicies_12__displayName	`str`
ext_appliedConditionalAccessPolicies_12__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_12__enforcedSessionControls_0_	`str`
ext_appliedConditionalAccessPolicies_12__id	`str`
ext_appliedConditionalAccessPolicies_12__result	`str`
ext_appliedConditionalAccessPolicies_13__displayName	`str`
ext_appliedConditionalAccessPolicies_13__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_13__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_13__id	`str`
ext_appliedConditionalAccessPolicies_13__result	`str`
ext_appliedConditionalAccessPolicies_14__displayName	`str`
ext_appliedConditionalAccessPolicies_14__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_14__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_14__id	`str`
ext_appliedConditionalAccessPolicies_14__result	`str`
ext_appliedConditionalAccessPolicies_15__displayName	`str`
ext_appliedConditionalAccessPolicies_15__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_15__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_15__id	`str`
ext_appliedConditionalAccessPolicies_15__result	`str`
ext_appliedConditionalAccessPolicies_16__displayName	`str`
ext_appliedConditionalAccessPolicies_16__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_16__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_16__id	`str`
ext_appliedConditionalAccessPolicies_16__result	`str`
ext_appliedConditionalAccessPolicies_1__displayName	`str`
ext_appliedConditionalAccessPolicies_1__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_1__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_1__id	`str`
ext_appliedConditionalAccessPolicies_1__result	`str`
ext_appliedConditionalAccessPolicies_2__displayName	`str`
ext_appliedConditionalAccessPolicies_2__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_2__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_2__id	`str`
ext_appliedConditionalAccessPolicies_2__result	`str`
ext_appliedConditionalAccessPolicies_3__displayName	`str`
ext_appliedConditionalAccessPolicies_3__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_3__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_3__id	`str`
ext_appliedConditionalAccessPolicies_3__result	`str`
ext_appliedConditionalAccessPolicies_4__displayName	`str`
ext_appliedConditionalAccessPolicies_4__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_4__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_4__id	`str`
ext_appliedConditionalAccessPolicies_4__result	`str`
ext_appliedConditionalAccessPolicies_5__displayName	`str`
ext_appliedConditionalAccessPolicies_5__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_5__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_5__id	`str`
ext_appliedConditionalAccessPolicies_5__result	`str`
ext_appliedConditionalAccessPolicies_6__displayName	`str`
ext_appliedConditionalAccessPolicies_6__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_6__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_6__id	`str`
ext_appliedConditionalAccessPolicies_6__result	`str`
ext_appliedConditionalAccessPolicies_7__displayName	`str`
ext_appliedConditionalAccessPolicies_7__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_7__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_7__id	`str`
ext_appliedConditionalAccessPolicies_7__result	`str`
ext_appliedConditionalAccessPolicies_8__displayName	`str`
ext_appliedConditionalAccessPolicies_8__enforcedGrantControls	`str`
ext_appliedConditionalAccessPolicies_8__enforcedSessionControls_0_	`str`
ext_appliedConditionalAccessPolicies_8__id	`str`
ext_appliedConditionalAccessPolicies_8__result	`str`
ext_appliedConditionalAccessPolicies_9__displayName	`str`
ext_appliedConditionalAccessPolicies_9__enforcedGrantControls_0_	`str`
ext_appliedConditionalAccessPolicies_9__enforcedSessionControls	`str`
ext_appliedConditionalAccessPolicies_9__id	`str`
ext_appliedConditionalAccessPolicies_9__result	`str`
ext_assets	`str`
ext_auditType	`str`
ext_authorization_action	`str`
ext_authorization_scope	`str`
ext_caller	`str`
ext_category	`str`
ext_category_localizedValue	`str`
ext_category_value	`str`
ext_channels	`str`
ext_claims_aio	`str`
ext_claims_appid	`str`
ext_claims_appidacr	`str`
ext_claims_aud	`str`
ext_claims_exp	`str`
ext_claims_groups	`str`
ext_claims_iat	`str`
ext_claims_iss	`str`
ext_claims_nbf	`str`
ext_claims_rh	`str`
ext_claims_uti	`str`
ext_claims_ver	`str`
ext_claims_xms_tcdt_	`str`
ext_clientAppUsed	`str`
ext_conditionalAccessStatus	`str`
ext_context__tag	`str`
ext_context_account_id_	`str`
ext_context_display_name_	`str`
ext_context_email	`str`
ext_context_team_member_id_	`str`
ext_correlationId	`str`
ext_createdDateTime	`str`
ext_datetime	`str`
ext_description	`str`
ext_details__tag	`str`
ext_details_user_agent_	`str`
ext_deviceDetail_browser	`str`
ext_deviceDetail_deviceId	`str`
ext_deviceDetail_displayName	`str`
ext_deviceDetail_isCompliant	`str`
ext_deviceDetail_isManaged	`str`
ext_deviceDetail_operatingSystem	`str`
ext_deviceDetail_trustType	`str`
ext_eventDataId	`str`
ext_eventInfo	`str`
ext_eventName_localizedValue	`str`
ext_eventName_value	`str`
ext_eventTime	`str`
ext_eventTimestamp	`str`
ext_field	`str`
ext_httpRequest_clientIpAddress	`str`
ext_httpRequest_clientRequestId	`str`
ext_httpRequest_method	`str`
ext_id	`str`
ext_ip	`str`
ext_ipAddress	`str`
ext_isInteractive	`str`
ext_level	`str`
ext_location	`str`
ext_location_city	`str`
ext_location_countryOrRegion	`str`
ext_location_geoCoordinates_latitude	`str`
ext_location_geoCoordinates_longitude	`str`
ext_location_state	`str`
ext_operationId	`str`
ext_operationName_localizedValue	`str`
ext_operationName_value	`str`
ext_origin_access_method___tag	`str`
ext_origin_access_method__end_user___tag	`str`
ext_origin_access_method__end_user__session_id_	`str`
ext_origin_geo_location__city	`str`
ext_origin_geo_location__country	`str`
ext_origin_geo_location__ip_address_	`str`
ext_origin_geo_location__region	`str`
ext_participants	`str`
ext_properties_eventCategory	`str`
ext_properties_serviceRequestId	`str`
ext_properties_statusCode	`str`
ext_resourceDisplayName	`str`
ext_resourceGroupName	`str`
ext_resourceId	`str`
ext_resourceProviderName_localizedValue	`str`
ext_resourceProviderName_value	`str`
ext_resourceType_localizedValue	`str`
ext_resourceType_value	`str`
ext_riskDetail	`str`
ext_riskEventTypes	`str`
ext_riskLevelAggregated	`str`
ext_riskLevelDuringSignIn	`str`
ext_riskState	`str`
ext_serial	`str`
ext_severity	`str`
ext_status_errorCode	`str`
ext_status_failureReason	`str`
ext_status_localizedValue	`str`
ext_status_value	`str`
ext_subStatus_localizedValue	`str`
ext_subStatus_value	`str`
ext_submissionTimestamp	`str`
ext_subscriptionId	`str`
ext_tenantId	`str`
ext_timestamp	`str`
ext_user	`str`
ext_userDisplayName	`str`
ext_userId	`str`
ext_userPrincipalName	`str`
externalID	`str`
flexString1	`str`
flexString1Label	`str`
flexString2	`str`
flexString2Label	`str`
requestContext	`str`
hostchain	`str`		✓
rawMessage	`str`		✓
tag	`str`	cefTag	✓

Versions Compared

Old Version 1

New Version Current

Key

cef0.skyformation.skyformationCloudAppsSecurity