Document toolboxDocument toolbox

grc.onetrust

Owned by Former user (Deleted)
Last updated: Jul 31, 2023 by Anthony Shevlin (Deactivated)
1 min read
[ 1 Introduction ] [ 2 Valid tags and data tables  ] [ 3 Table structure ]

Introduction

Tags beginning with grc.onetrust identify events generated by OneTrust.

Valid tags and data tables 

The full tag must have four levels. The first two are fixed as grc.onetrust. The third level identifies the type of events sent, and the fourth level indicates the event subtype. 

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

OneTrust Security Platform

grc.onetrust.audit.login_history

grc.onetrust.audit.login_history

grc.onetrust.audit.profile_activity

grc.onetrust.audit.profile_activity

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

grc.onetrust.audit.login_history

Field

Type

Extra field

Field transformation

Source field name

Field

Type

Extra field

Field transformation

Source field name

eventdate

timestamp

 

 

 

hostname

str

 

 

 

username

str

 

 

 

ip

str

 

 

 

ip_ipv4

ip4

 

ip4(ip)

ip

ip_ipv6

ip6

 

ip6(ip)

ip

user_agent_string

str

 

 

 

create_dt

timestamp

 

 

 

status

str

 

 

 

user_id

str

 

 

 

user_details__id

str

 

 

 

user_details__external_id

str

 

 

 

user_details__meta__created

str

 

 

 

user_details__meta__last_modified

str

 

 

 

user_details__meta__location

str

 

 

 

user_details__meta__resource_type

str

 

 

 

user_details__schemas

str

 

 

 

user_details__user_name

str

 

 

 

user_details__name__family_name

str

 

 

 

user_details__name__given_name

str

 

 

 

user_details__user_type

str

 

 

 

user_details__active

bool

 

 

 

user_details__groups

str

 

 

 

user_details__emails

str

 

 

 

user_details__roles

str

 

 

 

user_details__title

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__business_unit

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__division

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__employee_number

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__office_location

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__department

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__manager

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__organization

str

 

 

 

user_details__urn_ietf_params_scim_schemas_extension_enterprise_2_0_user__legacy_manager

str

 

 

 

devo_pulling_id

str

 

 

 

hostchain

str

✓

 

 

tag

str

✓

 

 

rawMessage

str

✓

 

 

grc.onetrust.audit.profile_activity

Field

Type

Extra field

Field

Type

Extra field

eventdate

timestamp

 

hostname

str

 

name

str

 

email

str

 

event

str

 

field_name

str

 

old_value

str

 

new_value

str

 

method

str

 

updated_by

str

 

date

timestamp

 

devo_pulling_id

str

 

hostchain

str

✓

tag

str

✓

rawMessage

str

✓