tm-v1-schema

Trend Cloud One - AWS CloudTrail Integration

Layer: Others

This documentation provides detailed information about all fields available for Trend Cloud One - AWS CloudTrail Integration.

Field Name Type Searchable General Field Description Example Products
additionalEventData dynamic true - The additional data about the event that was not part of the request {"SignatureVersion":"SigV4","CipherSuite":"ECDHE-RSA-AES128-GCM-SHA256"} Trend Cloud One - AWS CloudTrail Integration
apiVersion string true - API version associated with the AwsApiCall eventType value 2012-08-10 Trend Cloud One - AWS CloudTrail Integration
awsRegion string true - AWS region that the request was made to
  • us-east-1
  • us-east-2
  • us-west-1
 Trend Cloud One - AWS CloudTrail Integration
errorCode string true - AWS service error code
  • ThrottlingException
  • InvalidParameterValueException
  • NoSuchLifecycleConfiguration
 Trend Cloud One - AWS CloudTrail Integration
errorMessage string true - Description of the error
  • The specified bucket does not have a website configuration
  • An unknown error occurred
  • The lifecycle configuration does not exist
 Trend Cloud One - AWS CloudTrail Integration
eventCategory string true - Event category used in LookupEvents calls
  • Management
  • Data
  • Insight
 Trend Cloud One - AWS CloudTrail Integration
eventID string true - GUID generated by AWS CloudTrail to identify events 11111111-1111-1111-1111-111111111111 Trend Cloud One - AWS CloudTrail Integration
eventName string true - The name of the log event
  • PutObject
  • GetObject
  • DescribeTable
 Trend Cloud One - AWS CloudTrail Integration
eventSource string true - The AWS service the request was made to
  • s3.amazonaws.com
  • dynamodb.amazonaws.com
  • xray.amazonaws.com
 Trend Cloud One - AWS CloudTrail Integration
eventTime string true - The time the agent or product detected the event 2022-07-06T22:28:06+00:00 Trend Cloud One - AWS CloudTrail Integration
eventType string true - Type of event that generated the event record
  • AwsApiCall
  • AwsServiceEvent
  • AwsConsoleAction
 Trend Cloud One - AWS CloudTrail Integration
eventVersion string true - Version of the log event format 1.08 Trend Cloud One - AWS CloudTrail Integration
readOnly bool true - Whether the operation is read-only
  • True
 Trend Cloud One - AWS CloudTrail Integration
recipientAccountId string true - Account ID that received the event 123456789012 Trend Cloud One - AWS CloudTrail Integration
requestID string true - Value that identifies the request (The service being called generates this value) 11111111-1111-1111-1111-111111111111 Trend Cloud One - AWS CloudTrail Integration
requestParameters dynamic true - The parameters, if any, that were sent with the request (Parameters are documented in the API reference docs for the appropriate AWS service) {"durationSeconds": 3600, "roleSessionName":"BackplaneAssumeRoleSession"} Trend Cloud One - AWS CloudTrail Integration
resources dynamic true - List of resources accessed in the event [{"type":"AWS::S3::Object","ARN":"arn:aws:s3:::your-bucket/file.txt"}] Trend Cloud One - AWS CloudTrail Integration
responseElements dynamic true - Response elements for actions that made changes (create, update, or delete actions) {"user":{"createDate":"Mar 24, 2014 9:11:59 PM","userName":"Bob","arn":"arn:aws:iam::123456789012:user/Bob","path":"/","userId":"EXAMPLEUSERID"}} Trend Cloud One - AWS CloudTrail Integration
serviceEventDetails dynamic true - The service event (including what triggered the event and the result) {"lifecycleEventPolicy":{"policyVersion":1,"policyId":"11111111-1111-1111-1111-111111111111"}} Trend Cloud One - AWS CloudTrail Integration
sharedEventID string true - GUID generated by AWS CloudTrail to uniquely identify CloudTrail events (From the same AWS action that is sent to different AWS accounts) 11111111-1111-1111-1111-111111111111 Trend Cloud One - AWS CloudTrail Integration
sourceIPAddress string true
  • IPv4
  • IPv6
 IP address the request was made from (For actions that originate from the service console, the address reported is for the underlying customer resource, not the console web server. For services in AWS, only the DNS name is displayed.)
  • 10.10.10.10
  • apigateway.amazonaws.com
  • config.amazonaws.com
 Trend Cloud One - AWS CloudTrail Integration
userAgent string true CLICommand The user agent or the agent through which the request was made
  • signin.amazonaws.com
  • console.amazonaws.com
  • aws-cli/1.3.23 Python/2.7.6 Linux/2.6.18-164.el5
 Trend Cloud One - AWS CloudTrail Integration
userIdentity dynamic true - Information about the user that made a request
  • {"type":"AWSService","invokedBy":"apigateway.amazonaws.com"}
  • {"type":"AWSService","invokedBy":"lambda.amazonaws.com"}
 Trend Cloud One - AWS CloudTrail Integration
vpcEndpointId string true - VPC endpoint in which requests were made from a VPC to another AWS service (Such as Amazon S3) vpce-00000000000000000 Trend Cloud One - AWS CloudTrail Integration

Field Statistics

Generated by XDR Common Schema Public Doc Generator V2

This site is open source. Improve this page.