|
No.
|
Google SecOps UDM field
|
Trend Vision One field
|
Notes
|
|
1
|
metadata.event_type
|
GENERIC_EVENT
|
|
|
2
|
metadata.vendor_name
|
TREND VISION ONE AUDIT
|
|
|
3
|
metadata.product_name
|
TREND VISION ONE AUDIT
|
|
|
4
|
metadata.event_timestamp
|
loggedDateTime
|
|
|
5
|
metadata.collected_timestamp
|
ingestedDateTime
|
|
|
6
|
principal.user.userid
|
loggedUser
|
|
|
7
|
principal.user.user_role
|
loggedRole
|
|
|
8
|
additional.fields
|
category
|
key: "category"value: {category}
|
|
9
|
additional.fields
|
activity
|
key: "activity"value: {activity}
|
|
10
|
additional.fields
|
accessType
|
key: "accessType"value: {accessType}
|
|
11
|
additional.fields
|
result
|
key: "result"value: {result}
|
Views: