Top-level fields without an xdm. prefix. Includes identity, status, tagging, and timestamp fields native to the issue record itself.
| Display name | Field name | Data type |
|---|---|---|
| Agentic AI response | agentic_assistant_id |
ENUM |
| Agentic AI response status | agentic_response_status |
ENUM |
| Assignee | assigned_to_pretty |
TEXT |
| Assignee Email | assigned_to |
TEXT |
| Category | alert_category |
TEXT |
| Description | alert_description |
RENDER_TEXT |
| Detection Method | alert_source |
ENUM |
| Detection Rule ID | matching_service_rule_id |
TEXT |
| Excepted | is_excepted |
BOOLEAN |
| Excluded | is_whitelisted |
BOOLEAN |
| Extended Description | extended_description |
TEXT |
| External Id | external_id |
TEXT |
| Impact | impact |
TEXT |
| Insert Time | local_insert_ts |
TIMESTAMP |
| Issue Domain | alert_domain |
ENUM |
| Issue Id | internal_id |
TEXT |
| Last Modified | last_update_timestamp |
TIMESTAMP |
| Mitre ATT&CK Tactic | mitre_tactic_id_and_name |
ENUM |
| Mitre ATT&CK Technique | mitre_technique_id_and_name |
ENUM |
| Name | alert_name |
TEXT |
| Observation Time | source_insert_ts |
TIMESTAMP |
| Recommendation | recommendation |
TEXT |
| Remediation | remediation |
TEXT |
| Resolution Comment | resolution_comment |
TEXT |
| Resolution Reason | status.resolution_reason |
ENUM |
| Resolution Status Modified | resolution_status_modified_ts |
TIMESTAMP |
| Severity | severity |
ENUM |
| Starred | starred |
BOOLEAN |
| Status | status.progress |
ENUM |
| Tags | tags |
COMPLEX |
| Type | alert_type |
ENUM |