Skip to content

Field changes report

Latest versus Splunk_TA_aws 6.3.2

Summary

  • Sourcetypes with changes: 8
  • Total deleted fields: 13
  • Total modified fields: 52
  • Total new fields: 175

Detailed changes

aws:cloudtrail

Field Deleted Modified New Is CIM
action
change_type
eventtype
object
object_attrs
object_category
object_id
object_path
protocol
result
src_user
src_user_id
src_user_name
src_user_type
status
tag
tag::eventtype
user
user_name
user_type

aws:cloudwatch:guardduty

Field Deleted Modified New Is CIM
action_type
category
dest
dest_ip
dest_name
dest_port
dest_type
eventtype
mitre_technique_id
signature
signature_id
src
src_ip
src_name
src_port
src_type
tag
tag::eventtype
transport
user
user_name

aws:cloudwatchlogs:guardduty

Field Deleted Modified New Is CIM
accountId
action
action_type
category
dest
dest_port
dest_type
dvc
eventtype
findingType
ids_type
instanceId
mitre_technique_id
signature
src
src_port
src_type
tag
tag::eventtype
transport
user_name

aws:cloudwatchlogs:vpcflow

Field Deleted Modified New Is CIM
account_id
action
aws_account_id
az_id
bytes
dest
dest_ip
dest_port
duration
dvc
end_time
eventtype
flow_direction
instance_id
interface_id
log_status
packets
pkt_dst_aws_service
pkt_dstaddr
pkt_src_aws_service
pkt_srcaddr
protocol
protocol_code
protocol_full_name
protocol_version
region
src
src_ip
src_port
start_time
sublocation_id
sublocation_type
subnet_id
tag
tag::eventtype
tcp_flags
traffic_path
transport
type
user_id
vendor_account
version
vpc_id
vpcflow_action

aws:elb:accesslogs

Field Deleted Modified New Is CIM
ClientSrcIP
ClientSrcPort
RequestTargetIP
RequestTargetPort
dest
dest_port
src
src_ip
src_port

aws:s3:accesslogs

Field Deleted Modified New Is CIM
access_point_arn
acl_required
action
app
authentication_type
bucket_name
bucket_owner
bytes_sent
cipher_suite
dest
duration
file_path
host_header
host_id
http_status
key
object_size
operation
referrer
remote_ip
request_id
request_time
request_uri
requester
signature_version
src
src_ip
status
storage_name
tls_version
total_time
turn_around_time
url
url_domain
url_length
user_agent
version_id

aws:securityhub:finding

Field Deleted Modified New Is CIM
app
user
user_name

aws:transitgateway:flowlogs

Field Deleted Modified New Is CIM
account_id
action
app
bytes
dest
dest_interface
dest_ip
dest_port
dest_zone
direction
dstaddr
dstport
duration
dvc
end
eventtype
flow_direction
log_status
packets
packets_lost_blackhole
packets_lost_mtu_exceeded
packets_lost_no_route
packets_lost_ttl_expired
pkt_dst_aws_service
pkt_src_aws_service
protocol
protocol_code
protocol_full_name
protocol_version
region
resource_type
src
src_interface
src_ip
src_port
src_zone
srcaddr
srcport
start
tag
tag::eventtype
tcp_flag
tcp_flags
tgw_attachment_id
tgw_dst_az_id
tgw_dst_eni
tgw_dst_subnet_id
tgw_dst_vpc_account_id
tgw_dst_vpc_id
tgw_id
tgw_pair_attachment_id
tgw_src_az_id
tgw_src_eni
tgw_src_subnet_id
tgw_src_vpc_account_id
tgw_src_vpc_id
transport
type
vendor_account
vendor_product
version