Page Comparison

Table of Contents

Field	Type	Extra Field
eventdate	`timestamp`	-
aid	`str`	-
aip	`ip4`	-
cid	`str`	-
event_platform	`str`	-
event_simpleName	`str`	-
id	`str`	-
name	`str`	-
timestamp	`timestamp`	-
ConfigBuild	`str`	-
ConfigStateHash	`str`	-
ConnectionDirection	`str`	-
ConnectionFlags	`str`	-
ContextProcessId	`str`	-
ContextTimeStamp	`str`	-
Entitlements	`str`	-
InContext	`str`	-
LocalAddressIP4	`ip4`	-
LocalPort	`str`	-
Protocol	`str`	-
EffectiveTransmissionClass	`str`	-
RemoteAddressIP4	`ip4`	-
RemotePort	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	-

Field	Type	Extra Field
eventdate	`timestamp`	-
aid	`str`	-
aip	`ip4`	-
cid	`str`	-
event_platform	`str`	-
event_simpleName	`str`	-
id	`str`	-
name	`str`	-
timestamp	`timestamp`	-
LinkName	`str`	-
AuthenticationId	`str`	-
CommandLine	`str`	-
ConfigBuild	`str`	-
ConfigStateHash	`str`	-
EffectiveTransmissionClass	`str`	-
Entitlements	`str`	-
FullFilePath	`str`	-
FilePath	`str`	-
ComputerName	`str`	-
UserName	`str`	-
FileName	`str`	-
ImageFileName	`str`	-
ImageSubsystem	`str`	-
IntegrityLevel	`str`	-
MD5HashData	`str`	-
ParentAuthenticationId	`str`	-
ParentProcessId	`str`	-
ProcessCreateFlags	`str`	-
ProcessEndTime	`str`	-
ProcessParameterFlags	`str`	-
ProcessStartTime	`str`	-
ProcessSxsFlags	`str`	-
RawProcessId	`str`	-
SHA1HashData	`str`	-
SHA256HashData	`str`	-
SourceProcessId	`str`	-
SourceThreadId	`str`	-
TargetProcessId	`str`	-
TokenType	`str`	-
UserSid	`str`	-
ParentBaseFileName	`str`	-
GrandParentBaseFileName	`str`	-
UID	`str`	-
RGID	`str`	-
RUID	`str`	-
GID	`str`	-
MachOSubType	`str`	-
ProcessGroupId	`str`	-
SessionProcessId	`str`	-
SVGID	`str`	-
SVUID	`str`	-
Tags	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	-

Field	Type	Extra Field
eventdate	`timestamp`	-
aid	`str`	-
aip	`ip4`	-
cid	`str`	-
event_platform	`str`	-
event_simpleName	`str`	-
id	`str`	-
name	`str`	-
timestamp	`timestamp`	-
CommandLine	`str`	-
ConfigBuild	`str`	-
ConfigStateHash	`str`	-
Entitlements	`str`	-
ProcessCount	`str`	-
SHA256HashData	`str`	-
Timeout	`str`	-
UID	`str`	-
EffectiveTransmissionClass	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	-

Field	Type	Extra Field
eventdate	`timestamp`	-
aid	`str`	-
aip	`ip4`	-
cid	`str`	-
event_platform	`str`	-
event_simpleName	`str`	-
id	`str`	-
name	`str`	-
timestamp	`timestamp`	-
ConfigBuild	`str`	-
ConfigIDBase	`str`	-
ConfigIDBuild	`str`	-
ConfigIDPlatform	`str`	-
ConfigStateHash	`str`	-
ConfigurationVersion	`str`	-
EffectiveTransmissionClass	`str`	-
Entitlements	`str`	-
NetworkContainmentState	`str`	-
ProvisionState	`str`	-
SensorStateBitMap	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	-

Field	Type	Extra Field
eventdate	`timestamp`	-
aid	`str`	-
aip	`ip4`	-
cid	`str`	-
event_platform	`str`	-
event_simpleName	`str`	-
id	`str`	-
name	`str`	-
timestamp	`timestamp`	-
AuthenticationId	`str`	-
CommandLine	`str`	-
ConfigBuild	`str`	-
ConfigStateHash	`str`	-
ContextTimeStamp	`str`	-
EffectiveTransmissionClass	`str`	-
Entitlements	`str`	-
ImageFileName	`str`	-
IntegrityLevel	`str`	-
ParentProcessId	`str`	-
ProcessStartTime	`str`	-
RawProcessId	`str`	-
SHA256HashData	`str`	-
SyntheticPR2Flags	`str`	-
TargetProcessId	`str`	-
UserSid	`str`	-
MD5HashData	`str`	-
UID	`str`	-
RGID	`str`	-
RUID	`str`	-
GID	`str`	-
ProcessGroupId	`str`	-
SessionProcessId	`str`	-
SHA1HashData	`str`	-
SourceProcessId	`str`	-
SVGID	`str`	-
SVUID	`str`	-
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	-

...

Versions Compared