Details
| ID | Cisco_AppDynamics_ModelingRule |
|---|---|
| From Version | 8.4.0 |
Rules (XIF)
[MODEL: dataset=cisco_appdynamics_raw]
alter
xdm.target.resource.id = to_string(objectId),
xdm.target.resource.value = changes,
xdm.source.user.username = userName,
xdm.target.resource.name = objectName,
xdm.target.resource.type = objectType,
xdm.event.description = description,
xdm.target.application.name = applicationName,
xdm.observer.type = securityProviderType,
xdm.event.outcome_reason = action,
xdm.event.outcome = if(action ~= "LOGIN_FAILED|LOGOUT_FAILED", XDM_CONST.OUTCOME_FAILED, XDM_CONST.OUTCOME_SUCCESS);
Schema
cisco_appdynamics_raw
| Field | Type | Array? |
|---|---|---|
action |
string | — |
applicationName |
string | — |
changes |
string | — |
description |
string | — |
objectId |
int | — |
objectName |
string | — |
objectType |
string | — |
securityProviderType |
string | — |
userName |
string | — |
Raw JSON
{ "cisco_appdynamics_raw": { "objectId": { "type": "int", "is_array": false }, "changes": { "type": "string", "is_array": false }, "userName": { "type": "string", "is_array": false }, "objectName": { "type": "string", "is_array": false }, "objectType": { "type": "string", "is_array": false }, "description": { "type": "string", "is_array": false }, "applicationName": { "type": "string", "is_array": false }, "securityProviderType": { "type": "string", "is_array": false }, "action": { "type": "string", "is_array": false } } }