<span class="pill kill-chain">_time</span>
<span class="pill kill-chain">actors{}.name</span>
<span class="pill kill-chain">actors{}.type</span>
<span class="pill kill-chain">date_hour</span>
<span class="pill kill-chain">date_mday</span>
<span class="pill kill-chain">date_minute</span>
<span class="pill kill-chain">date_month</span>
<span class="pill kill-chain">date_second</span>
<span class="pill kill-chain">date_wday</span>
<span class="pill kill-chain">date_year</span>
<span class="pill kill-chain">date_zone</span>
<span class="pill kill-chain">extracted_source</span>
<span class="pill kill-chain">host</span>
<span class="pill kill-chain">id</span>
<span class="pill kill-chain">index</span>
<span class="pill kill-chain">linecount</span>
<span class="pill kill-chain">punct</span>
<span class="pill kill-chain">recorded</span>
<span class="pill kill-chain">resources{}.ipaddress</span>
<span class="pill kill-chain">resources{}.websession</span>
<span class="pill kill-chain">result.message</span>
<span class="pill kill-chain">result.status</span>
<span class="pill kill-chain">source</span>
<span class="pill kill-chain">sourcetype</span>
<span class="pill kill-chain">splunk_server</span>
<span class="pill kill-chain">timeendpos</span>
<span class="pill kill-chain">timestartpos</span>
</div>
Data Source: PingID
Description
Data source object for PingID
Details
| Property | Value |
|---|---|
| Source | XmlWinEventLog:Security |
| Sourcetype | XmlWinEventLog |
Event Fields
Fields
Example Log
1{"source":"PINGID","id":"b2eb1fef-651b-11ee-b38b-0ac7a554ed19","recorded":"2023-10-05T14:10:53.538Z","actors":[{"type":"user","name":"victim_user"}],"resources":[{"ipaddress":"174.235.80.142","websession":"webs_ijkF-T_bAC_G3w2TfvdpAEQeC545KFlqVFOsolCXdjo"}],"result":{"status":"SUCCESS","message":"Device Paired SMS \"Mobile 1\""}}
Source: GitHub | Version: 1