# Auth (IDAM) Version 1.2 Please check back often. These tables are updated regularly to accommodate new fields as provided by vendors. | **Field Name** | **Data Type** | | -------------------------------- | ------------- | | agent.type | text | | cloud.account.id | text | | cloud.instance.name | text | | cloud.provider | text | | cloud.region | text | | cloud.service.name | text | | destination.as.number | text | | destination.as.organization.name | text | | destination.geo.city\_name | text | | destination.geo.continent\_code | text | | destination.geo.country\_code | text | | destination.geo.country\_name | text | | destination.geo.location.lat | geopoint | | destination.geo.location.lon | geopoint | | destination.geo.region\_name | text | | destination.locality | text | | error.description | text | | event.action | text | | event.category | array | | event.created | date | | event.dataset | text | | event.id | text | | event.kind | text | | event.module | text | | event.original | | | event.outcome | text | | event.reason | text | | event.severity | text | | event.type | array | | group.id | text | | log.type | text | | message | text | | network.community\_id | text | | observer.type | text | | organisation.id | text | | related.hash | array | | related.hosts | array | | related.ip | array | | related.user | array | | rule.id | text | | rule.name | text | | sensor.id | text | | source.as.number | text | | source.as.organization.name | text | | source.geo.city\_name | text | | source.geo.continent\_code | text | | source.geo.country\_code | text | | source.geo.country\_name | text | | source.geo.location.lat | geopoint | | source.geo.location.lon | geopoint | | source.geo.region\_name | text | | source.ip | ip | | source.locality | text | | source.port | int | | source.user.email | text | | source.user.group.name | text | | source.user.id | text | | source.user.name | text | | threatintel.days | int | | threatintel.entity | text | | threatintel.event\_data | text | | threatintel.lookup | text | | threatintel.malware.malware | text | | threatintel.malware.timestamp | date/time | | threatintel.severity | text | | threatintel.tags | text | | threatintel.white\_list | text | | user\_agent.name | text | | user\_agent.original | text | | user\_agent.os.name | text | | user\_agent.version | text | | user.email | text | | user.first.name | text | | user.full\_name | text | | user.id | text | | user.last\_name | text | | user.name | text | | user.principal\_name | text | | user.role | text | | uuid | text | | uuid.full\_uuid | text |