...
Field | Data type | Description | ||
---|---|---|---|---|
actiondate |
| Date of the action performed. | ||
Id |
| Unique ID automatically assigned to the alert when defined. | ||
name |
| Name assigned to the alert when defined. | ||
action |
| The action carried out (CREATE, EDIT, ENABLE, DISABLE, DELETE…). | ||
username |
| User who performed the action.
| ||
info |
| Detailed information about the alert definition settings whenever it’s created or edited (name, description, subcategory, ID, triggering method, priority, etc.). When the action involves enabling, disabling, or deleting, this field will be empty. See siem.logtrust.alert.info for the meaning of numerical values in fields such as priority. |
...