Versions Compared

Old Version 1

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version Current

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Rw ui tabs macro
Rw tab
title21-25

Anchor
tag21
tag21
cloud.azure.aks.kube_controller_manager

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

timestamp

timestamp

ccpNamespace

str

UnderlayName

str

operationName

str

category

str

UnderlayClass

str

properties__log

str

properties__stream

str

properties__containerID

str

properties__pod

str

Environment

str

Cloud

str

attrs

str

resourceId

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag22
tag22
cloud.azure.aks.kube_scheduler

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

timestamp

timestamp

ccpNamespace

str

UnderlayName

str

operationName

str

category

str

UnderlayClass

str

properties__log

str

properties__stream

str

properties__containerID

str

properties__pod

str

Environment

str

Cloud

str

attrs

str

resourceId

str

hostchain

str

tag

str

rawMessage

str

Anchor
tag23
tag23
cloud.azure.apimanagement.gatewaylogs

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

callerIpAddress

ip4

 

 

isRequestSuccess

bool

 

 

resourceId

str

 

 

location

str

 

 

Level

int4

 

 

operationName

str

 

 

correlationId

str

 

 

time

timestamp

Code Block
parsedate(time_str, ifthenelse(length(time_str) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time_str

category

str

 

 

durationMs

int4

 

 

properties__cache

str

 

 

properties__backendMethod

str

 

 

properties__backendResponseCode

int4

 

 

properties__productId

str

 

 

properties__method

str

 

 

properties__apimSubscriptionId

str

 

 

properties__backendTime

int4

 

 

properties__responseSize

int4

 

 

properties__backendUrl

str

 

 

properties__clientTlsVersion

str

 

 

properties__userId

str

 

 

properties__url

str

 

 

properties__responseCode

int4

 

 

properties__backendProtocol

str

 

 

properties__operationId

str

 

 

properties__clientProtocol

str

 

 

properties__apiRevision

str

 

 

properties__requestSize

int4

 

 

properties__apiId

str

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag24
tag24
cloud.azure.appgateway.access_log

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, ifthenelse(length(time) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time

resourceId

str

 

 

listenerName

str

 

 

ruleName

str

 

 

backendPoolName

str

 

 

backendSettingName

str

 

 

operationName

str

 

 

category

str

 

 

properties__instanceId

str

 

 

properties__clientIP

ip4

 

 

properties__clientPort

int4

 

 

properties__httpMethod

str

 

 

properties__originalRequestUriWithArgs

str

 

 

properties__requestUri

str

 

 

properties__requestQuery

str

 

 

properties__userAgent

str

 

 

properties__httpStatus

int4

 

 

properties__httpVersion

str

 

 

properties__receivedBytes

int4

 

 

properties__sentBytes

int4

 

 

properties__timeTaken

str

 

 

properties__transactionId

str

 

 

properties__sslEnabled

str

 

 

properties__sslCipher

str

 

 

properties__sslProtocol

str

 

 

properties__sslClientVerify

str

 

 

properties__sslClientCertificateFingerprint

str

 

 

properties__sslClientCertificateIssuerName

str

 

 

properties__serverRouted

str

 

 

properties__serverStatus

str

 

 

properties__serverResponseLatency

str

 

 

properties__originalHost

str

 

 

properties__host

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag25
tag25
cloud.azure.appgateway.administrative

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

roleLocation

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

operationName

str

 

 

category

str

 

 

resultType

str

 

 

resultSignature

str

 

 

durationMs

str

 

 

callerIpAddress

ip4

 

 

correlationId

str

 

 

identity__authorization__scope

str

 

 

identity__authorization__action

str

 

 

identity__authorization__evidence__role

str

 

 

identity__authorization__evidence__roleAssignmentScope

str

 

 

identity__authorization__evidence__roleAssignmentId

str

 

 

identity__authorization__evidence__roleDefinitionId

str

 

 

identity__authorization__evidence__principalId

str

 

 

identity__authorization__evidence__principalType

str

 

 

identity__claims__aud

str

 

 

identity__claims__iss

str

 

 

identity__claims__iat

str

 

 

identity__claims__nbf

str

 

 

identity__claims__exp

str

 

 

identity__claims__aio

str

 

 

identity__claims__appid

str

 

 

identity__claims__appidacr

str

 

 

identity__claims__groups

str

 

 

identity__claims__rh

str

 

 

identity__claims__uti

str

 

 

identity__claims__ver

str

 

 

identity__claims__xms_tcdt

str

 

 

identity__claims

json

 

 

level

str

 

 

properties__eventCategory

str

 

 

properties__entity

str

 

 

properties__message

str

 

 

properties__hierarchy

str

 

 

tenantId

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Rw tab
title26-30

Anchor
tag26
tag26
cloud.azure.appgateway.firewall_log

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

resourceId

str

 

 

operationName

str

 

 

timestamp

timestamp

Code Block
parsedate(time, ifthenelse(length(time) = 25, dateformat("YYYY-MM-DD[T]HH:mm:ssZZ", "UTC"), dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC")))

time

category

str

 

 

properties__instanceId

str

 

 

properties__clientIp

ip4

 

 

properties__clientPort

str

 

 

properties__requestUri

str

 

 

properties__ruleSetType

str

 

 

properties__ruleSetVersion

str

 

 

properties__ruleId

str

 

 

properties__ruleGroup

str

 

 

properties__message

str

 

 

properties__action

str

 

 

properties__site

str

 

 

properties__details__message

str

 

 

properties__details__data

str

 

 

properties__details__file

str

 

 

properties__details__line

str

 

 

properties__hostname

str

 

 

properties__transactionId

str

 

 

properties__policyId

str

 

 

properties__policyScope

str

 

 

properties__policyScopeName

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag27
tag27
cloud.azure.appgateway.policy

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

roleLocation

str

timestamp

timestamp

resourceId

str

operationName

str

category

str

resultType

str

resultSignature

str

durationMs

str

callerIpAddress

ip4

correlationId

str

identity__authorization__scope

str

identity__authorization__action

str

identity__authorization__evidence__role

str

identity__authorization__evidence__roleAssignmentScope

str

identity__authorization__evidence__roleAssignmentId

str

identity__authorization__evidence__roleDefinitionId

str

identity__authorization__evidence__principalId

str

identity__authorization__evidence__principalType

str

identity__claims__aud

str

identity__claims__iss

str

identity__claims__iat

str

identity__claims__nbf

str

identity__claims__exp

str

identity__claims__aio

str

identity__claims__appid

str

identity__claims__appidacr

str

identity__claims__groups

str

identity__claims__rh

str

identity__claims__uti

str

identity__claims__ver

str

identity__claims__xms_tcdt

str

identity__claims

json

properties__isComplianceCheck

str

properties__resourceLocation

str

properties__ancestors

str

properties__policies

json

properties__eventCategory

str

properties__entity

str

properties__message

str

properties__hierarchy

str

level

str

tenantId

str

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag28
tag28
cloud.azure.appservice.access_audit

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

ResourceId

str

 

 

Category

str

 

 

OperationName

str

 

 

Properties_User

str

 

 

Properties_UserDisplayName

str

 

 

Properties_UserAddress

ip4

 

 

Properties_Protocol

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag29
tag29
cloud.azure.appservice.administrative

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

roleLocation

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

operationName

str

 

 

category

str

 

 

resultType

str

 

 

resultSignature

str

 

 

durationMs

str

 

 

callerIpAddress

ip4

 

 

correlationId

str

 

 

identity__authorization__scope

str

 

 

identity__authorization__action

str

 

 

identity__authorization__evidence__role

str

 

 

identity__authorization__evidence__roleAssignmentScope

str

 

 

identity__authorization__evidence__roleAssignmentId

str

 

 

identity__authorization__evidence__roleDefinitionId

str

 

 

identity__authorization__evidence__principalId

str

 

 

identity__authorization__evidence__principalType

str

 

 

identity__claims__aud

str

 

 

identity__claims__iss

str

 

 

identity__claims__iat

str

 

 

identity__claims__nbf

str

 

 

identity__claims__exp

str

 

 

identity__claims__aio

str

 

 

identity__claims__appid

str

 

 

identity__claims__appidacr

str

 

 

identity__claims__groups

str

 

 

identity__claims__rh

str

 

 

identity__claims__uti

str

 

 

identity__claims__ver

str

 

 

identity__claims__xms_tcdt

str

 

 

identity__claims

json

 

 

level

str

 

 

properties__statusCode

str

 

 

properties__serviceRequestId

str

 

 

properties__eventCategory

str

 

 

properties__entity

str

 

 

properties__message

str

 

 

properties__hierarchy

str

 

 

tenantId

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag30
tag30
cloud.azure.appservice.app

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

resource_id

str

 

 

category

str

 

 

timestamp

timestamp

 

 

level

str

 

 

operation_name

str

 

 

result_description

str

 

 

properties

json

 

 

properties_precise_date_time

timestamp

 

 

properties_resource_id

str

 

 

properties_stacktrace

str

 

 

properties_level

str

 

 

properties_source

str

 

 

properties_message

str

 

 

properties_web_site_instance_id

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Rw tab
title31-35

Anchor
tag31
tag31
cloud.azure.appservice.application

Field

Type

Field transformation

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

product

str

Code Block
"appservice"

 

type

str

Code Block
"application"

 

rawMessage

str

 

 

hostchain

str

 

 

tag

str

 

 

Anchor
tag32
tag32
cloud.azure.appservice.console

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

containerId

str

 

 

operationName

str

 

 

category

str

 

 

resultDescription

str

 

 

level2

str

 

 

EventStampType

str

 

 

EventPrimaryStampName

str

 

 

EventStampName

str

 

 

Host

str

 

 

EventIpAddress

ip4

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag33
tag33
cloud.azure.appservice.environment_platform

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

resource_id

str

category

str

timestamp

timestamp

level

str

operation_name

str

result_description

str

location

str

result_type

str

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag34
tag34
cloud.azure.appservice.http

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

resourceId

str

 

 

properties

str

 

 

properties_CsHost

str

 

 

properties_CIp

str

 

 

properties_SPort

str

 

 

properties_CsUriStem

str

 

 

properties_CsUriQuery

str

 

 

properties_CsMethod

str

 

 

properties_TimeTaken

int4

 

 

properties_ScStatus

str

 

 

properties_Result

str

 

 

properties_CsBytes

str

 

 

properties_ScBytes

str

 

 

properties_UserAgent

str

 

 

properties_Cookie

str

 

 

properties_CsUsername

str

 

 

properties_Referer

str

 

 

properties_ComputerName

str

 

 

category

str

 

 

EventStampType

str

 

 

EventPrimaryStampName

str

 

 

EventStampName

str

 

 

Host

str

 

 

EventIpAddress

ip4

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag35
tag35
cloud.azure.appservice.ipsecurity_audit

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

ResourceId

str

 

 

Category

str

 

 

OperationName

str

 

 

Properties_Result

str

 

 

Properties_CsHost

str

 

 

Properties_ServiceEndpoint

str

 

 

Properties_CIp

str

 

 

Properties_XForwardedFor

str

 

 

Properties_XForwardedHost

str

 

 

Properties_XAzureFDID

str

 

 

Properties_XFDHealthProbe

str

 

 

Properties_Details

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Rw tab
title36-40

Anchor
tag36
tag36
cloud.azure.appservice.platform

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

resourceId

str

category

str

timestamp

timestamp

level2

str

operationName

str

properties

str

properties_message

str

properties_containerId

str

properties_containerName

str

EventStampType

str

EventPrimaryStampName

str

EventStampName

str

Host

str

EventIpAddress

ip4

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag37
tag37
cloud.azure.appservice.policy

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

roleLocation

str

timestamp

timestamp

resourceId

str

operationName

str

category

str

resultType

str

resultSignature

str

durationMs

str

callerIpAddress

ip4

correlationId

str

identity__authorization__scope

str

identity__authorization__action

str

identity__authorization__evidence__role

str

identity__authorization__evidence__roleAssignmentScope

str

identity__authorization__evidence__roleAssignmentId

str

identity__authorization__evidence__roleDefinitionId

str

identity__authorization__evidence__principalId

str

identity__authorization__evidence__principalType

str

identity__claims__aud

str

identity__claims__iss

str

identity__claims__iat

str

identity__claims__nbf

str

identity__claims__exp

str

identity__claims__aio

str

identity__claims__appid

str

identity__claims__appidacr

str

identity__claims__groups

str

identity__claims__ipaddr

ip4

identity__claims__name

str

identity__claims__onprem_sid

str

identity__claims__puid

str

identity__claims__rh

str

identity__claims__uti

str

identity__claims__ver

str

identity__claims__xms_tcdt

str

identity__claims

json

level

str

properties__isComplianceCheck

str

properties__resourceLocation

str

properties__ancestors

str

properties__policies

json

properties__eventCategory

str

properties__entity

str

properties__message

str

properties__hierarchy

str

tenantId

str

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag38
tag38
cloud.azure.components.process

Field

Type

Extra fields

eventdate

timestamp

hostname

str

region

str

app_role_instance

str

app_role_name

str

category

str

client_ip

ip4

client_type

str

counter

str

ikey

str

instance2

str

name

str

properties__process_id

str

properties__host_instance_id

str

resource_guid

str

sdk_version

str

source_system

str

tenant_id

str

time_generated

str

type

str

value

float8

billed_size

int4

internal_workspace_resource_id

str

resource_id

str

at_devo_collector_version

int4

at_entry_offset

str

at_enqueued_time

timestamp

hostchain

str

tag

str

rawMessage

str

Anchor
tag39
tag39
cloud.azure.contregistry.login

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

hostname

str

 

 

region

str

 

 

timestamp

timestamp

Code Block
parsedate(time, dateformat("YYYY-MM-DD[T]HH:mm:ss.SSSSSSS[Z]", "UTC"))

time

category

str

 

 

resourceId

str

 

 

operationName

str

 

 

location

str

 

 

resultType

str

 

 

resultDescription

str

 

 

durationMs

str

 

 

callerIpAddress

ip4

 

 

correlationId

str

 

 

properties__jwtid

str

 

 

properties__loginServer

str

 

 

properties__userAgent

str

 

 

regionStamp

str

 

 

at_devo_collector_version

int4

 

 

at_entry_offset

str

 

 

at_enqueued_time

timestamp

 

 

hostchain

str

 

 

tag

str

 

 

rawMessage

str

 

 

Anchor
tag40
tag40
cloud.azure.cosmosdb.control_plane_requests

Field

Type

Extra fields

eventdate

timestamp

region

str

host

str

time

timestamp

resourceId

str

category

str

operationName

str

subscriptionId

str

properties__ipRangeFilter

str

properties__httpstatusCode

str

properties__cors

str

properties__privateEndpointArmUrl

str

properties__defaultConsistencyLevel

str

properties__httpMethod

str

properties__enableAutomaticFailover

str

properties__result

str

properties__activityId

str

properties__enableMultipleWriteLocations

str

properties__privateEndpointConnections

str

properties__maxStalenessPrefix

str

properties__maxStalenessIntervalInSeconds

str

properties__virtualNetworkResourceEntries

str

properties__enablePrivateEndpointConnection

str

properties__enableVirtualNetworkFilter

str

properties__enableDataPlaneRequestsTrace

str

properties__enableCassandraRequestsTrace

str

properties__enableGremlinRequestsTrace

str

properties__enableMongoRequestsTrace

str

properties__enableControlPlaneRequestsTrace

str

properties__sqlQueryTextTraceType

str

properties__apiKindResourceType

str

properties__resourceDetails

str

properties__apiKind

str

properties__operationType

str

properties__resourceUri

str

properties__duration

str

properties__roleAssignmentScope

str

properties__roleAssignmentPrincipalId

str

properties__roleAssignmentId

str

properties__associatedRoleDefinitionId

str

properties__roleAssignmentPrincipalType

str

hostchain

str

tag

str

rawMessage

str