Page Comparison

Versions Compared

Old Version 1

changes.mady.by.user Borja Moro Moreno

Saved on Nov 25, 2024

compared with

New Version Current

changes.mady.by.user Borja Moro Moreno

Saved on Nov 25, 2024

Key

This line was added.
This line was removed.
Formatting was changed.

...

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service	Tags	Data tables
Absolute Platform	`siem.absolute.reporting.event`	`siem.absolute.reporting.event`

For more information, read more About Devo tags.

...

To sent logs to the Devo platform, you must use the Absolute collector (more info here).

Table structure

These are the fields displayed in this table:

siem.absolute.reporting.event

Field	Type	Extra Label fields
eventdate	`timestamp`
machine	`str`
id	`str`
event_type	`str`
actor_object_type	`str`
actor_display_name	`str`
actor_display_id	`str`
object_object_type	`str`
object_display_name	`str`
object_display_id	`str`
object_properties	`str`
verb	`str`
created_date_time_utc	`timestamp`
event_date_time_utc	`timestamp`
hostchain	`str`	✓
tag	`str`	✓
rawMessage	`str`	✓