Add AppOmni integration (ECOINT-58) #2587
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dd-pub-platform[bot]](https://avatars.githubusercontent.com/u/365230?s=60&v=4){kind=small}
jhgilbert
added
the
editorial review
eho1307
requested changes
Jan 29, 2025
|
|
||
| ## Overview | ||
|
|
||
| AppOmni Threat Detection Datadog Integration provides a single source to ingests and normalizes all your SaaS logs, and visualize events and alerts. |
There was a problem hiding this comment.
Suggested change
| AppOmni Threat Detection Datadog Integration provides a single source to ingests and normalizes all your SaaS logs, and visualize events and alerts. | |
| AppOmni Threat Detection Integration with Datadog provides a single source to ingest and normalize all your SaaS logs. You can visualize any events and alerts. |
Add more context about the events and alerts
| ## Setup | ||
|
|
||
| **Log in to Datadog** | ||
| First Obtain a Datadog [API Key][1]. See the steps below: |
There was a problem hiding this comment.
Suggested change
| First Obtain a Datadog [API Key][1]. See the steps below: | |
| Create a Datadog [API Key][1]. See the steps below: |
|
|
||
| ## Support | ||
|
|
||
| Support can be reached by e-mail: [email protected] |
There was a problem hiding this comment.
Suggested change
| Support can be reached by e-mail: [email protected] | |
| Contact [[email protected]](mailto:[email protected]) for support requests. |
There was a problem hiding this comment.
- Image doesn't load
- Event by service widget is quite small in comparison to other widgets
- Use provided template to group widgets together
- Add widget descriptions
| @@ -0,0 +1,60 @@ | |||
| { | |||
| "app_id": "appomni-appomni", | |||
There was a problem hiding this comment.
Suggested change
| "app_id": "appomni-appomni", | |
| "app_id": "appomni", |
| "display_on_public_website": true, | ||
| "tile": { | ||
| "title": "AppOmni", | ||
| "description": "AppOmni prevents SaaS data breaches by securing the applications that power the enterprise.", |
There was a problem hiding this comment.
Suggested change
| "description": "AppOmni prevents SaaS data breaches by securing the applications that power the enterprise.", | |
| "description": "AppOmni prevents SaaS data breaches by securing the applications that power enterprises", |
| "Supported OS::Linux", | ||
| "Supported OS::Windows", | ||
| "Supported OS::macOS", | ||
| "Queried Data Type::Logs", |
| "AppOmni Events Overview": "assets/dashboards/appomni_events_overview.json" | ||
| }, | ||
| "logs": { | ||
| "source": "{\"@timestamp\":\"2025-01-22T21:24:31.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"fc7e5658-1d87-5665-8638-90e3b15444db\",\"ingestion_time\":\"2025-01-22T21:24:32.688Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"6ad1c50d1bdb1a50101acb70604bcb92\",\"ingested\":\"2025-01-22T21:24:32.688Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"ead1c50d8cdb1a509bf38166d15f0391\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"2ad1c50da7db1a506ec449eef32b2192\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:24:31\\\",\\\"sys_id\\\":\\\"6ad1c50d1bdb1a50101acb70604bcb92\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:24:32\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"ead1c50d8cdb1a509bf38166d15f0391\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:24:31.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"eeec72e5-946b-5179-857f-434c0b3389c1\",\"ingestion_time\":\"2025-01-22T21:24:32.702Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"26d189811b5f9650abe055f5604bcbbc\",\"ingested\":\"2025-01-22T21:24:32.702Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"a6d18981e35f96507d638549d4f02bbb\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"e2d18981d35f96509d7667ce6c051bbc\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:24:31\\\",\\\"sys_id\\\":\\\"26d189811b5f9650abe055f5604bcbbc\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:24:32\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"a6d18981e35f96507d638549d4f02bbb\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:24:31.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"83167ed6-c4b7-59af-9b42-f1258b533e53\",\"ingestion_time\":\"2025-01-22T21:24:32.701Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"92d189811b5f9650abe055f5604bcb05\",\"ingested\":\"2025-01-22T21:24:32.701Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"16d189813e5f9650f569ccf6774ed504\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"52d18981e15f9650b3a0e97599e70e05\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:24:31\\\",\\\"sys_id\\\":\\\"92d189811b5f9650abe055f5604bcb05\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:24:32\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"16d189813e5f9650f569ccf6774ed504\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:24:30.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"0f4a0e7e-4535-51d5-8b48-a6da3e21af1f\",\"ingestion_time\":\"2025-01-22T21:24:32.696Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"42d1c10d1bdb1a50101acb70604bcb54\",\"ingested\":\"2025-01-22T21:24:32.696Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"c2d1c10da0db1a5086794d6dfd3a1a53\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"02d1c10daedb1a501be01b264f5eab54\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:24:30\\\",\\\"sys_id\\\":\\\"42d1c10d1bdb1a50101acb70604bcb54\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:24:32\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"c2d1c10da0db1a5086794d6dfd3a1a53\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:23:30.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"b6fd4dd3-93ca-5831-9971-a025117dfa46\",\"ingestion_time\":\"2025-01-22T21:24:32.696Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"6f9185811b5f9650abe055f5604bcbaa\",\"ingested\":\"2025-01-22T21:24:32.696Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"ef918581445f9650a66365fbb652c8a9\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"2f9185819e5f9650aaec9d0a58fae1aa\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:23:30\\\",\\\"sys_id\\\":\\\"6f9185811b5f9650abe055f5604bcbaa\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:23:33\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"ef918581445f9650a66365fbb652c8a9\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:23:30.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.639Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"1b9e0a9c-4cd9-5813-8aa5-88c40be2fff3\",\"ingestion_time\":\"2025-01-22T21:24:32.687Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.639Z\",\"dataset\":\"snow_sysevent\",\"id\":\"ab91810d1bdb1a50101acb70604bcbc0\",\"ingested\":\"2025-01-22T21:24:32.687Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"2f91810d94db1a504f360927495196bf\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"6b91810de1db1a50e71fe40afe0dd7c0\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:23:30\\\",\\\"sys_id\\\":\\\"ab91810d1bdb1a50101acb70604bcbc0\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:23:32\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"2f91810d94db1a504f360927495196bf\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:23:24.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"dabf90f7-e32d-50c4-ad15-8122ba1f75e7\",\"ingestion_time\":\"2025-01-22T21:24:32.694Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"8691810d1bdb1a50101acb70604bcbbc\",\"ingested\":\"2025-01-22T21:24:32.694Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"0a91810dc9db1a50c8dfcfc9d4cf56bb\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"4691810d00db1a504466441a1128d5bc\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:23:24\\\",\\\"sys_id\\\":\\\"8691810d1bdb1a50101acb70604bcbbc\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:23:26\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"0a91810dc9db1a50c8dfcfc9d4cf56bb\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:23:24.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.637Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"d3e3a0d8-8f9f-55bc-b55b-3afa075db023\",\"ingestion_time\":\"2025-01-22T21:24:32.700Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.637Z\",\"dataset\":\"snow_sysevent\",\"id\":\"0691c10d1bdb1a50101acb70604bcb2b\",\"ingested\":\"2025-01-22T21:24:32.700Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"8691c10df2db1a500514ec2e79ba9b2a\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"c291c10deadb1a5027bf3dbeb38a2f2b\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:23:24\\\",\\\"sys_id\\\":\\\"0691c10d1bdb1a50101acb70604bcb2b\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:23:26\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"8691c10df2db1a500514ec2e79ba9b2a\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:23:24.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"89d9dc34-9bc6-52bd-968e-c74790548f8f\",\"ingestion_time\":\"2025-01-22T21:24:32.690Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"notify_workflow\",\"code\":\"flow.fire\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"0691c1811b5f9650abe055f5604bcb0b\",\"ingested\":\"2025-01-22T21:24:32.690Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"8691c181975f9650a0f07d853807bd0a\\\",\\\"name\\\":\\\"flow.fire\\\",\\\"parm1\\\":null,\\\"parm2\\\":\\\"c291c181025f96506358fedf16ea490b\\\",\\\"sys_created_by\\\":\\\"service.appomni\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:23:24\\\",\\\"sys_id\\\":\\\"0691c1811b5f9650abe055f5604bcb0b\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:23:26\\\",\\\"table\\\":\\\"sys_flow_context\\\",\\\"user_id\\\":\\\"8e04d7921b276490a7c052c2604bcba7\\\",\\\"user_name\\\":\\\"service.appomni\\\"}\"},\"labels\":{\"table\":\"sys_flow_context\"},\"message\":\"Fires when a Flow is ran\",\"related\":{\"user\":[\"service.appomni\"]},\"resource\":{\"id\":\"8691c181975f9650a0f07d853807bd0a\"},\"user\":{\"name\":\"service.appomni\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:22:16.099Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:25:27.476Z\",\"dataset\":\"workday_activity_logging\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"3ccb30c9-9868-5087-b6c2-7df4b6f23337\",\"ingestion_time\":\"2025-01-22T21:25:27.597Z\"},\"organization\":{\"id\":15},\"service\":{\"account_id\":\"impl.workday.com-appomni_dpt1\",\"id\":94,\"name\":\"Workday - Prod\",\"slug\":\"workday\",\"type\":\"workday\"},\"source\":{\"id\":\"75375e31-ec83-4554-ad88-8672a5ea419a\"}},\"event\":{\"action\":\"read_resource\",\"code\":\"READ\",\"created\":\"2025-01-22T21:25:27.476Z\",\"dataset\":\"workday_activity_logging\",\"ingested\":\"2025-01-22T21:25:27.597Z\",\"kind\":\"event\",\"module\":\"workday\",\"original\":\"{\\\"activityAction\\\":\\\"READ\\\",\\\"ipAddress\\\":\\\"34.168.110.251\\\",\\\"requestTime\\\":\\\"2025-01-22T21:22:16.099Z\\\",\\\"sessionId\\\":\\\"e3a031\\\",\\\"systemAccount\\\":\\\"appomni_int_allan_2024\\\",\\\"taskDisplayName\\\":\\\"privacy/activityLogging/userActivity (GET) (v1 - \u2005)\\\",\\\"taskId\\\":\\\"e67b812850dc100047be196f396d745f\\\"}\",\"outcome\":\"success\",\"type\":[\"info\"]},\"message\":\"privacy/activityLogging/userActivity (GET) (v1 - \u2005)\",\"related\":{\"ip\":[\"34.168.110.251\"],\"user\":[\"appomni_int_allan_2024\"]},\"session\":{\"id\":\"e3a031\"},\"source\":{\"address\":\"34.168.110.251\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"The Dalles\",\"country_iso_code\":\"US\",\"location\":{\"lat\":45.59456,\"lon\":-121.17868},\"postal_code\":\"97058\",\"region_name\":\"Oregon\",\"timezone\":\"America/Los_Angeles\"},\"ip\":\"34.168.110.251\"},\"tags\":[\"appomni_source\"],\"user\":{\"name\":\"appomni_int_allan_2024\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:21:28.067Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:25:27.475Z\",\"dataset\":\"workday_activity_logging\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"e8f4261a-4093-5249-98be-a09bbf6f9424\",\"ingestion_time\":\"2025-01-22T21:25:27.597Z\"},\"organization\":{\"id\":15},\"service\":{\"account_id\":\"impl.workday.com-appomni_dpt1\",\"id\":94,\"name\":\"Workday - Prod\",\"slug\":\"workday\",\"type\":\"workday\"},\"source\":{\"id\":\"75375e31-ec83-4554-ad88-8672a5ea419a\"}},\"event\":{\"action\":\"read_resource\",\"code\":\"READ\",\"created\":\"2025-01-22T21:25:27.475Z\",\"dataset\":\"workday_activity_logging\",\"ingested\":\"2025-01-22T21:25:27.597Z\",\"kind\":\"event\",\"module\":\"workday\",\"original\":\"{\\\"activityAction\\\":\\\"READ\\\",\\\"ipAddress\\\":\\\"104.154.208.107\\\",\\\"requestTime\\\":\\\"2025-01-22T21:21:28.067Z\\\",\\\"sessionId\\\":\\\"622d2a\\\",\\\"systemAccount\\\":\\\"appomni_int_allan_2024\\\",\\\"taskDisplayName\\\":\\\"privacy/activityLogging/userActivity (GET) (v1 - \u2005)\\\",\\\"taskId\\\":\\\"e67b812850dc100047be196f396d745f\\\"}\",\"outcome\":\"success\",\"type\":[\"info\"]},\"message\":\"privacy/activityLogging/userActivity (GET) (v1 - \u2005)\",\"related\":{\"ip\":[\"104.154.208.107\"],\"user\":[\"appomni_int_allan_2024\"]},\"session\":{\"id\":\"622d2a\"},\"source\":{\"address\":\"104.154.208.107\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"Council Bluffs\",\"country_iso_code\":\"US\",\"location\":{\"lat\":41.26194,\"lon\":-95.86083},\"postal_code\":\"51502\",\"region_name\":\"Iowa\",\"timezone\":\"America/Chicago\"},\"ip\":\"104.154.208.107\"},\"tags\":[\"appomni_source\"],\"user\":{\"name\":\"appomni_int_allan_2024\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:21:28.689Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.321Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"1bd35b31-09b3-5842-8292-f088a74a1066\",\"ingestion_time\":\"2025-01-22T21:21:39.460Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"start_task\",\"code\":\"streamStarted\",\"created\":\"2025-01-22T21:21:29.321Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.460Z\",\"kind\":\"event\",\"module\":\"Crowdstrike Streaming API\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"appId\\\":\\\"ao_event_collector-2c080055\\\",\\\"eventType\\\":\\\"All event type(s)\\\",\\\"offset\\\":\\\"1686634\\\",\\\"partition\\\":\\\"0\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"appId\\\",\\\"ValueString\\\":\\\"ao_event_collector-2c080055\\\"},{\\\"Key\\\":\\\"eventType\\\",\\\"ValueString\\\":\\\"All event type(s)\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"partition\\\",\\\"ValueString\\\":\\\"0\\\"},{\\\"Key\\\":\\\"offset\\\",\\\"ValueString\\\":\\\"1686634\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"streamStarted\\\",\\\"ServiceName\\\":\\\"Crowdstrike Streaming API\\\",\\\"Source\\\":\\\"Crowdstrike Streaming API\\\",\\\"SourceIp\\\":\\\"34.173.236.233\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580888,\\\"UserId\\\":\\\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\\\",\\\"UserIp\\\":\\\"34.173.236.233\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580888689,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686926,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:21:28.000Z\"},\"related\":{\"ip\":[\"34.173.236.233\"],\"user\":[\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\"]},\"source\":{\"address\":\"34.173.236.233\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"Council Bluffs\",\"country_iso_code\":\"US\",\"location\":{\"lat\":41.26194,\"lon\":-95.86083},\"postal_code\":\"51502\",\"region_name\":\"Iowa\",\"timezone\":\"America/Chicago\"},\"ip\":\"34.173.236.233\"},\"tags\":[\"appomni_source\"],\"user\":{\"name\":\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:21:28.425Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.160Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"169836ad-58ec-5feb-867c-8b33cfc4ad9c\",\"ingestion_time\":\"2025-01-22T21:21:39.474Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.160Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.474Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/json]\\\",\\\"elapsed_microseconds\\\":\\\"110461\\\",\\\"elapsed_time\\\":\\\"110.461629ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:21:28.315105016Z\\\",\\\"request_method\\\":\\\"GET\\\",\\\"request_path\\\":\\\"/sensors/entities/datafeed/v2\\\",\\\"request_query\\\":\\\"appId=ao_event_collector-2c080055\\\",\\\"request_uri_length\\\":\\\"63\\\",\\\"scopes\\\":\\\"streaming:read\\\",\\\"status_code\\\":\\\"200\\\",\\\"trace_id\\\":\\\"cab1258e-a29f-4f28-84b5-2c3b78c1c6a1\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.173.236.233\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"63\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"110461\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"cab1258e-a29f-4f28-84b5-2c3b78c1c6a1\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"request_query\\\",\\\"ValueString\\\":\\\"appId=ao_event_collector-2c080055\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"GET\\\"},{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.173.236.233\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/sensors/entities/datafeed/v2\\\"},{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:21:28.315105016Z\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"110.461629ms\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"scopes\\\",\\\"ValueString\\\":\\\"streaming:read\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"200\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.173.236.233\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580888,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.173.236.233\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580888425,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686925,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:21:28.000Z\"},\"related\":{\"ip\":[\"34.173.236.233\"]},\"source\":{\"address\":\"34.173.236.233\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"Council Bluffs\",\"country_iso_code\":\"US\",\"location\":{\"lat\":41.26194,\"lon\":-95.86083},\"postal_code\":\"51502\",\"region_name\":\"Iowa\",\"timezone\":\"America/Chicago\"},\"ip\":\"34.173.236.233\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:21:28.689Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.321Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"1bd35b31-09b3-5842-8292-f088a74a1066\",\"ingestion_time\":\"2025-01-22T21:21:39.460Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"start_task\",\"code\":\"streamStarted\",\"created\":\"2025-01-22T21:21:29.321Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.460Z\",\"kind\":\"event\",\"module\":\"Crowdstrike Streaming API\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"appId\\\":\\\"ao_event_collector-2c080055\\\",\\\"eventType\\\":\\\"All event type(s)\\\",\\\"offset\\\":\\\"1686634\\\",\\\"partition\\\":\\\"0\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"appId\\\",\\\"ValueString\\\":\\\"ao_event_collector-2c080055\\\"},{\\\"Key\\\":\\\"eventType\\\",\\\"ValueString\\\":\\\"All event type(s)\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"partition\\\",\\\"ValueString\\\":\\\"0\\\"},{\\\"Key\\\":\\\"offset\\\",\\\"ValueString\\\":\\\"1686634\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"streamStarted\\\",\\\"ServiceName\\\":\\\"Crowdstrike Streaming API\\\",\\\"Source\\\":\\\"Crowdstrike Streaming API\\\",\\\"SourceIp\\\":\\\"34.173.236.233\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580888,\\\"UserId\\\":\\\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\\\",\\\"UserIp\\\":\\\"34.173.236.233\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580888689,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686926,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:21:28.000Z\"},\"related\":{\"ip\":[\"34.173.236.233\"],\"user\":[\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\"]},\"source\":{\"address\":\"34.173.236.233\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"Council Bluffs\",\"country_iso_code\":\"US\",\"location\":{\"lat\":41.26194,\"lon\":-95.86083},\"postal_code\":\"51502\",\"region_name\":\"Iowa\",\"timezone\":\"America/Chicago\"},\"ip\":\"34.173.236.233\"},\"tags\":[\"appomni_source\"],\"user\":{\"name\":\"api-client-id:7692ce50e2a04cf588196d6d5bce462d\"},\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:21:28.425Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.160Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"169836ad-58ec-5feb-867c-8b33cfc4ad9c\",\"ingestion_time\":\"2025-01-22T21:21:39.474Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.160Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.474Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/json]\\\",\\\"elapsed_microseconds\\\":\\\"110461\\\",\\\"elapsed_time\\\":\\\"110.461629ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:21:28.315105016Z\\\",\\\"request_method\\\":\\\"GET\\\",\\\"request_path\\\":\\\"/sensors/entities/datafeed/v2\\\",\\\"request_query\\\":\\\"appId=ao_event_collector-2c080055\\\",\\\"request_uri_length\\\":\\\"63\\\",\\\"scopes\\\":\\\"streaming:read\\\",\\\"status_code\\\":\\\"200\\\",\\\"trace_id\\\":\\\"cab1258e-a29f-4f28-84b5-2c3b78c1c6a1\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.173.236.233\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"63\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"110461\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"cab1258e-a29f-4f28-84b5-2c3b78c1c6a1\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"request_query\\\",\\\"ValueString\\\":\\\"appId=ao_event_collector-2c080055\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"GET\\\"},{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.173.236.233\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/sensors/entities/datafeed/v2\\\"},{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:21:28.315105016Z\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"110.461629ms\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"scopes\\\",\\\"ValueString\\\":\\\"streaming:read\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"200\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.173.236.233\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580888,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.173.236.233\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580888425,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686925,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:21:28.000Z\"},\"related\":{\"ip\":[\"34.173.236.233\"]},\"source\":{\"address\":\"34.173.236.233\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"Council Bluffs\",\"country_iso_code\":\"US\",\"location\":{\"lat\":41.26194,\"lon\":-95.86083},\"postal_code\":\"51502\",\"region_name\":\"Iowa\",\"timezone\":\"America/Chicago\"},\"ip\":\"34.173.236.233\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:20:23.600Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"a8a24a0b-beb0-585d-b1a8-e238ac41aab8\",\"ingestion_time\":\"2025-01-22T21:21:39.460Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.460Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/x-www-form-urlencoded text/html]\\\",\\\"elapsed_microseconds\\\":\\\"153962\\\",\\\"elapsed_time\\\":\\\"153.962786ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:20:23.445915069Z\\\",\\\"request_content_type\\\":\\\"application/x-www-form-urlencoded\\\",\\\"request_method\\\":\\\"POST\\\",\\\"request_path\\\":\\\"/oauth2/token\\\",\\\"request_uri_length\\\":\\\"13\\\",\\\"status_code\\\":\\\"201\\\",\\\"trace_id\\\":\\\"42db2b12-ccc0-477e-ad76-183461653cec\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.145.56.210\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/x-www-form-urlencoded text/html]\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"POST\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"201\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.145.56.210\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"153.962786ms\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"153962\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"42db2b12-ccc0-477e-ad76-183461653cec\\\"},{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:20:23.445915069Z\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"13\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"request_content_type\\\",\\\"ValueString\\\":\\\"application/x-www-form-urlencoded\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/oauth2/token\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.145.56.210\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580823,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.145.56.210\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580823600,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686923,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:20:23.000Z\"},\"related\":{\"ip\":[\"34.145.56.210\"]},\"source\":{\"address\":\"34.145.56.210\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"The Dalles\",\"country_iso_code\":\"US\",\"location\":{\"lat\":45.59456,\"lon\":-121.17868},\"postal_code\":\"97058\",\"region_name\":\"Oregon\",\"timezone\":\"America/Los_Angeles\"},\"ip\":\"34.145.56.210\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:20:23.600Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"a8a24a0b-beb0-585d-b1a8-e238ac41aab8\",\"ingestion_time\":\"2025-01-22T21:21:39.460Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.460Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/x-www-form-urlencoded text/html]\\\",\\\"elapsed_microseconds\\\":\\\"153962\\\",\\\"elapsed_time\\\":\\\"153.962786ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:20:23.445915069Z\\\",\\\"request_content_type\\\":\\\"application/x-www-form-urlencoded\\\",\\\"request_method\\\":\\\"POST\\\",\\\"request_path\\\":\\\"/oauth2/token\\\",\\\"request_uri_length\\\":\\\"13\\\",\\\"status_code\\\":\\\"201\\\",\\\"trace_id\\\":\\\"42db2b12-ccc0-477e-ad76-183461653cec\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.145.56.210\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/x-www-form-urlencoded text/html]\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"POST\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"201\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.145.56.210\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"153.962786ms\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"153962\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"42db2b12-ccc0-477e-ad76-183461653cec\\\"},{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:20:23.445915069Z\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"13\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"request_content_type\\\",\\\"ValueString\\\":\\\"application/x-www-form-urlencoded\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/oauth2/token\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.145.56.210\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580823,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.145.56.210\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580823600,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686923,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:20:23.000Z\"},\"related\":{\"ip\":[\"34.145.56.210\"]},\"source\":{\"address\":\"34.145.56.210\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"The Dalles\",\"country_iso_code\":\"US\",\"location\":{\"lat\":45.59456,\"lon\":-121.17868},\"postal_code\":\"97058\",\"region_name\":\"Oregon\",\"timezone\":\"America/Los_Angeles\"},\"ip\":\"34.145.56.210\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:20:23.867Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"4263d8be-cb2b-52a3-b41e-34ac10d5c15a\",\"ingestion_time\":\"2025-01-22T21:21:39.462Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.462Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/json]\\\",\\\"elapsed_microseconds\\\":\\\"146099\\\",\\\"elapsed_time\\\":\\\"146.099955ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:20:23.721699167Z\\\",\\\"request_method\\\":\\\"GET\\\",\\\"request_path\\\":\\\"/user-management/queries/users/v1\\\",\\\"request_query\\\":\\\"limit=1\\\",\\\"request_uri_length\\\":\\\"41\\\",\\\"scopes\\\":\\\"usermgmt:read\\\",\\\"status_code\\\":\\\"200\\\",\\\"trace_id\\\":\\\"17ac49b2-a7f5-43d9-ada0-95ed312293e8\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.145.56.210\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:20:23.721699167Z\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"request_query\\\",\\\"ValueString\\\":\\\"limit=1\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"GET\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.145.56.210\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"146099\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"41\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"146.099955ms\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"17ac49b2-a7f5-43d9-ada0-95ed312293e8\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/user-management/queries/users/v1\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"200\\\"},{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"scopes\\\",\\\"ValueString\\\":\\\"usermgmt:read\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.145.56.210\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580823,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.145.56.210\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580823867,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686924,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:20:23.000Z\"},\"related\":{\"ip\":[\"34.145.56.210\"]},\"source\":{\"address\":\"34.145.56.210\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"The Dalles\",\"country_iso_code\":\"US\",\"location\":{\"lat\":45.59456,\"lon\":-121.17868},\"postal_code\":\"97058\",\"region_name\":\"Oregon\",\"timezone\":\"America/Los_Angeles\"},\"ip\":\"34.145.56.210\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:20:23.867Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"4263d8be-cb2b-52a3-b41e-34ac10d5c15a\",\"ingestion_time\":\"2025-01-22T21:21:39.462Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"b2a15190-650c-4f40-b0d0-18fbd94a85ff\",\"id\":15172,\"name\":\"CrowdStrike - UAT\",\"slug\":\"crowdstrike\",\"type\":\"crowdstrike\"},\"source\":{\"id\":\"f678ef17-5741-4a5b-bf52-6beb345b2116\"}},\"event\":{\"action\":\"unknown\",\"code\":\"logged\",\"created\":\"2025-01-22T21:21:29.159Z\",\"dataset\":\"crowdstrike_audit_log\",\"ingested\":\"2025-01-22T21:21:39.462Z\",\"kind\":\"event\",\"module\":\"api_request\",\"original\":\"{\\\"event\\\":{\\\"Attributes\\\":{\\\"APIClientID\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\",\\\"cid\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"consumes\\\":\\\"[application/json]\\\",\\\"elapsed_microseconds\\\":\\\"146099\\\",\\\"elapsed_time\\\":\\\"146.099955ms\\\",\\\"produces\\\":\\\"[application/json]\\\",\\\"received_time\\\":\\\"2025-01-22T21:20:23.721699167Z\\\",\\\"request_method\\\":\\\"GET\\\",\\\"request_path\\\":\\\"/user-management/queries/users/v1\\\",\\\"request_query\\\":\\\"limit=1\\\",\\\"request_uri_length\\\":\\\"41\\\",\\\"scopes\\\":\\\"usermgmt:read\\\",\\\"status_code\\\":\\\"200\\\",\\\"trace_id\\\":\\\"17ac49b2-a7f5-43d9-ada0-95ed312293e8\\\",\\\"user_agent\\\":\\\"AppOmni_SSPM_v1\\\",\\\"user_ip\\\":\\\"34.145.56.210\\\"},\\\"AuditKeyValues\\\":[{\\\"Key\\\":\\\"received_time\\\",\\\"ValueString\\\":\\\"2025-01-22T21:20:23.721699167Z\\\"},{\\\"Key\\\":\\\"cid\\\",\\\"ValueString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\"},{\\\"Key\\\":\\\"request_query\\\",\\\"ValueString\\\":\\\"limit=1\\\"},{\\\"Key\\\":\\\"request_method\\\",\\\"ValueString\\\":\\\"GET\\\"},{\\\"Key\\\":\\\"user_ip\\\",\\\"ValueString\\\":\\\"34.145.56.210\\\"},{\\\"Key\\\":\\\"elapsed_microseconds\\\",\\\"ValueString\\\":\\\"146099\\\"},{\\\"Key\\\":\\\"APIClientID\\\",\\\"ValueString\\\":\\\"7692ce50e2a04cf588196d6d5bce462d\\\"},{\\\"Key\\\":\\\"request_uri_length\\\",\\\"ValueString\\\":\\\"41\\\"},{\\\"Key\\\":\\\"user_agent\\\",\\\"ValueString\\\":\\\"AppOmni_SSPM_v1\\\"},{\\\"Key\\\":\\\"elapsed_time\\\",\\\"ValueString\\\":\\\"146.099955ms\\\"},{\\\"Key\\\":\\\"trace_id\\\",\\\"ValueString\\\":\\\"17ac49b2-a7f5-43d9-ada0-95ed312293e8\\\"},{\\\"Key\\\":\\\"produces\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"request_path\\\",\\\"ValueString\\\":\\\"/user-management/queries/users/v1\\\"},{\\\"Key\\\":\\\"status_code\\\",\\\"ValueString\\\":\\\"200\\\"},{\\\"Key\\\":\\\"consumes\\\",\\\"ValueString\\\":\\\"[application/json]\\\"},{\\\"Key\\\":\\\"scopes\\\",\\\"ValueString\\\":\\\"usermgmt:read\\\"}],\\\"Message\\\":\\\"\\\",\\\"OperationName\\\":\\\"logged\\\",\\\"ServiceName\\\":\\\"api_request\\\",\\\"Source\\\":\\\"api_request\\\",\\\"SourceIp\\\":\\\"34.145.56.210\\\",\\\"Success\\\":true,\\\"UTCTimestamp\\\":1737580823,\\\"UserId\\\":\\\"\\\",\\\"UserIp\\\":\\\"34.145.56.210\\\"},\\\"metadata\\\":{\\\"customerIDString\\\":\\\"4cc0dd15475e49d1861693cd9fc73f11\\\",\\\"eventCreationTime\\\":1737580823867,\\\"eventType\\\":\\\"AuthActivityAuditEvent\\\",\\\"offset\\\":1686924,\\\"version\\\":\\\"1.0\\\"}}\",\"outcome\":\"success\",\"provider\":\"AuthActivityAuditEvent\",\"start\":\"2025-01-22T21:20:23.000Z\"},\"related\":{\"ip\":[\"34.145.56.210\"]},\"source\":{\"address\":\"34.145.56.210\",\"as\":{\"country\":\"US\",\"domain\":\"google.com\",\"number\":396982,\"organization\":{\"name\":\"Google LLC\"},\"type\":\"hosting\"},\"geo\":{\"city_name\":\"The Dalles\",\"country_iso_code\":\"US\",\"location\":{\"lat\":45.59456,\"lon\":-121.17868},\"postal_code\":\"97058\",\"region_name\":\"Oregon\",\"timezone\":\"America/Los_Angeles\"},\"ip\":\"34.145.56.210\"},\"tags\":[\"appomni_source\"],\"version\":\"2.0.0\"} {\"@timestamp\":\"2025-01-22T21:20:09.000Z\",\"appomni\":{\"event\":{\"collected_time\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"enrichments\":[\"ao_identity\",\"ipinfo\",\"spur\"],\"id\":\"5e723de5-6c33-5835-badf-9f8adce18afc\",\"ingestion_time\":\"2025-01-22T21:24:32.695Z\"},\"organization\":{\"id\":25},\"service\":{\"account_id\":\"ven04338\",\"id\":29689,\"name\":\"ServiceNow - Prod\",\"slug\":\"snow\",\"type\":\"snow\"}},\"event\":{\"action\":\"update_status\",\"code\":\"incident.inactivity\",\"created\":\"2025-01-22T21:24:32.638Z\",\"dataset\":\"snow_sysevent\",\"id\":\"66d089411b5f9650abe055f5604bcbdb\",\"ingested\":\"2025-01-22T21:24:32.695Z\",\"kind\":\"event\",\"module\":\"snow\",\"original\":\"{\\\"instance\\\":\\\"bab2180fdb44f910c45e9506f396196c\\\",\\\"name\\\":\\\"incident.inactivity\\\",\\\"parm1\\\":\\\"34a17cb4c61122b7006b897258cbd702\\\",\\\"parm2\\\":null,\\\"sys_created_by\\\":\\\"system\\\",\\\"sys_created_on\\\":\\\"2025-01-22 21:20:09\\\",\\\"sys_id\\\":\\\"66d089411b5f9650abe055f5604bcbdb\\\",\\\"sys_updated_by\\\":\\\"system\\\",\\\"sys_updated_on\\\":\\\"2025-01-22 21:20:19\\\",\\\"table\\\":\\\"incident\\\",\\\"user_id\\\":\\\"system\\\",\\\"user_name\\\":\\\"system\\\"}\"},\"labels\":{\"table\":\"incident\"},\"message\":\"System Generated Escalation Event\",\"related\":{\"user\":[\"system\"]},\"resource\":{\"id\":\"bab2180fdb44f910c45e9506f396196c\"},\"user\":{\"name\":\"system\"},\"version\":\"2.0.0\"}" |
There was a problem hiding this comment.
We'll need validation here. This should be the log source and not a sample...
temporal-github-worker-1
bot
added
product/requested-changes
and removed
product/review-requested
labels
|
Hey @jhgilbert just flagging that this integration is from a partner that's using the new integration publishing platform. |
jhgilbert
reviewed
Feb 10, 2025
|
|
||
| ## Setup | ||
|
|
||
| **Log in to Datadog** |
There was a problem hiding this comment.
Suggested change
| **Log in to Datadog** | |
| ### Create a Datadog API key |
| **Log in to Datadog** | ||
| First Obtain a Datadog [API Key][1]. See the steps below: | ||
|
|
||
| Within Datadog navigate to **Organization settings** then click **API Keys**. |
There was a problem hiding this comment.
Suggested change
| Within Datadog navigate to **Organization settings** then click **API Keys**. | |
| Within Datadog, navigate to **Organization settings**, then click **API Keys**. |
| First Obtain a Datadog [API Key][1]. See the steps below: | ||
|
|
||
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||
| 1. Click New Key |
There was a problem hiding this comment.
Suggested change
| 1. Click New Key | |
| 1. Click **New Key**. |
|
|
||
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||
| 1. Click New Key | ||
| 2. Provide a name for the API key |
There was a problem hiding this comment.
Suggested change
| 2. Provide a name for the API key | |
| 2. Provide a name for the API key. |
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||
| 1. Click New Key | ||
| 2. Provide a name for the API key | ||
| 3. Click copy API key, and save this key for later. |
There was a problem hiding this comment.
Suggested change
| 3. Click copy API key, and save this key for later. | |
| 3. Click **Copy API key**, and save this key for later. |
| ## Uninstallation | ||
|
|
||
| **Log in to Datadog** | ||
| Within Datadog navigate to **Organization settings** then click **API Keys**. |
There was a problem hiding this comment.
Suggested change
| Within Datadog navigate to **Organization settings** then click **API Keys**. | |
| Within Datadog, navigate to **Organization settings**, then click **API Keys**. |
It seems as though this should be a numbered step?
|
|
||
| **Log in to Datadog** | ||
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||
| 1. Click Revoke Key for the API key you want to remove. |
There was a problem hiding this comment.
Suggested change
| 1. Click Revoke Key for the API key you want to remove. | |
| 1. Click **Revoke Key** for the API key you want to remove. |
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||
| 1. Click Revoke Key for the API key you want to remove. | ||
|
|
||
| **Log in to AppOmni** |
There was a problem hiding this comment.
Suggested change
| **Log in to AppOmni** | |
| **Log in to AppOmni** |
This line can be deleted, and the first step can just start with "In AppOmni,". I recommend labeling the set of steps with a subheader that describes the high-level action being taken.
| **Log in to AppOmni** | ||
| 1. Navigate to **Threat Detection** and select **Destinations**. | ||
| 2. Locate the **Datadog** destination and click on it. | ||
| 3. Click the **Configuration** |
There was a problem hiding this comment.
Suggested change
| 3. Click the **Configuration** | |
| 3. Click **Configuration**. |
| 1. Navigate to **Threat Detection** and select **Destinations**. | ||
| 2. Locate the **Datadog** destination and click on it. | ||
| 3. Click the **Configuration** | ||
| 4. Click **Delete** |
There was a problem hiding this comment.
Suggested change
| 4. Click **Delete** | |
| 4. Click **Delete**. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Integration AppOmni has been created in publishing platform