The universal interface defines a set of global fields. These are fields that are required for every event, regardless the type of event. The following list represents the minimum fields required to define an event. The list includes the CDI (core/detection/informational) values for each field. For more information about CDI values, see Information Model Interface.
| Field | Core | Detection | Informational |
|---|---|---|---|
| activity | ✓ | ||
| activity_type | ✓ | ||
| host | ✓ | ||
| landscape | ✓ | ||
| outcome | ✓ | ||
| platform | ✓ | ||
| product | ✓ | ||
| product_category | ✓ | ||
| security_criticality | ✓ | ||
| subject | ✓ | ||
| time | ✓ | ||
| vendor | ✓ |