Returns a pre-defined set of the most relevant XDM schema fields for network investigation:
- _time
- xdm.event.type
- xdm.event.description
- xdm.event.operation
- xdm.event.operation_sub_type
- xdm.source.ipv4
- xdm.source.port
- xdm.source.host.hostname
- xdm.source.user.username
- xdm.source.user.user_type
- xdm.source.sent_bytes
- xdm.source.location.country
- xdm.target.ipv4
- xdm.target.port
- xdm.target.host.hostname
- xdm.target.user.username
- xdm.target.user.user_type
- xdm.target.sent_bytes
- xdm.target.location.country
- xdm.network.ip_protocol
- xdm.network.application_protocol
- xdm.target.url
- xdm.target.domain
- xdm.target.resource.name
- xdm.target.resource.type
- xdm.network.http.url
- xdm.network.http.method
- xdm.event.outcome
- xdm.event.outcome_reason
- xdm.observer.product