typestringtimestamptimestampelbstringclientIpstringclientPortbiginttargetIpstringtargetPortbigintrequestProcessingTimedoubletargetProcessingTimedoubleresponseProcessingTimedoubleelbStatusCodebiginttargetStatusCodebigintreceivedBytesbigintsentBytesbigintrequestHttpMethodstringrequestUrlstringrequestHttpVersionstringuserAgentstringsslCipherstringtimestamptimestampserverHoststringusernamestringhoststringconnectionIdbigintqueryIdbigintoperationstringdatabasestringobjectstringretCodebigintp_log_typestringp_row_idstringp_event_timetimestampp_parse_timetimestampp_source_idstringp_source_labelstringp_any_ip_addresses[string]p_any_domain_names[string]p_any_sha1_hashes[string]additionalEventDatastringapiVersionstringawsRegionstringerrorCodestringerrorMessagestringeventIDstringeventNamestringeventSourcestringeventTimetimestampeventTypestringeventVersionstringmanagementEventbooleanreadOnlybooleanrecipientAccountIdstringrequestIDstringrequestParametersstringresources[{ "arn":string, "accountId":string, "type":string }]responseElementsstringserviceEventDetailsstringawsAccountIdstringdigestStartTimetimestampdigestEndTimetimestampdigestS3BucketstringdigestS3ObjectstringnewestEventTimetimestampoldestEventTimetimestamppreviousDigestS3BucketstringpreviousDigestS3ObjectstringpreviousDigestHashValuestringpreviousDigestHashAlgorithmstringpreviousDigestSignaturestringdigestPublicKeyFingerprintstringdigestSignatureAlgorithmstringlogFiles[{ "s3Bucket":string, "s3Object":string, "hashValue":string, "hashAlgorithm":string, "newestEventTime":timestamp, "oldestEventTime":timestamp }]p_event_timetimestampp_parse_timetimestampp_log_typestringp_row_idstringeventVersionstringeventTimetimestampawsRegionstringeventIdstringeventTypestringrecipientAccountIdstringsharedEventIdstringinsightDetails{ "state":string, "eventSource":string, "eventName":string, "insightType":string, "insightContext":{ "statistics":{ "baseline":{ "average":double }, "insight":{ "average":double }, "insightDuration":float } } }eventCategorystringp_event_timetimestampp_parse_timetimestampp_log_typestringp_row_idstringp_source_idstringp_source_labelstringp_any_ip_addresses[string]p_any_domain_names[string]p_any_md5_hashes[string]p_any_sha1_hashes[string]idstringaccountstringsourcestringresources[string]regionstringdetail-typestringversionstringtimetimestampdetailstringp_log_typestringp_row_idstringp_event_timetimestampp_parse_timetimestampp_source_idstringp_source_labelstringp_any_ip_addresses[string]p_any_domain_names[string]p_any_sha1_hashes[string]p_any_md5_hashes[string]schemaVersionstringaccountIdstringregionstringpartitionstringidstringarnstringtypestringresourcestringseverityfloatcreatedAttimestampupdatedAttimestamptitlestringdescriptionstringservice{ "additionalInfo":string, "action":string, "serviceName":string, "detectorId":string, "resourceRole":string, "eventFirstSeen":timestamp, "eventLastSeen":timestamp, "archived":boolean, "count":bigint }p_log_typestringp_row_idstringp_event_timetimestampp_parse_timetimestampp_source_idstringbucketownerstringbucketstringtimetimestampremoteipstringrequesterstringrequestidstringoperationstringkeystringrequesturistringhttpstatusbiginterrorcodestringbytessentbigintobjectsizebiginttotaltimebigintturnaroundtimebigintreferrerstringuseragentstringversionidstringhostidstringversionstringaccount_idstringregionstringvpc_idstringquery_timestamptimestampquery_namestringquery_typestringquery_classstringrcodestringanswers[{ "Rdata":string, "Type":string, "Class":string }]srcaddrstringsrcportstringtransportstringsrcids{ "instance":string, "resolver-endpoint":string }p_event_timetimestampp_parse_timetimestampp_log_typestringp_row_idstringp_source_idstringversionbigintaccountstringinterfaceIdstringsrcAddrstringdstAddrstringsrcPortbigintdstPortbigintprotocolbigintpacketsbigintbytesbigintstarttimestampendtimestampactionstringstatusstringvpcIdstringsubNetIdstringinstanceIdstringtcpFlagsbiginttrafficTypestringactionstringformatVersionsmallinthttpRequest{ "args":string, "clientIp":string, "country":string, "headers":[{ "name":string, "value":string }], "httpMethod":string, "httpVersion":string, "requestId":string, "uri":string }httpSourceIdstringhttpSourceNamestringnonTerminatingMatchingRules[{ "ruleId":string, "action":string, "ruleMatchDetails":[{ "conditionType":string, "location":string, "matchedData":[string] }] }]rateBasedRuleList[{ "limitKey":string, "limitValue":string, "maxRateAllowed":bigint, "rateBasedRuleId":string, "rateBasedRuleName":string }]ruleGroupList[{ "excludedRules":[{ "exclusionType":string, "ruleId":string }], "nonTerminatingMatchingRules":[{ "ruleId":string, "action":string, "ruleMatchDetails":[{ "conditionType":string, "location":string, "matchedData":[string] }] }], "ruleGroupId":string, "terminatingRule":{ "ruleId":string, "action":string, "ruleMatchDetails":[{ "conditionType":string, "location":string, "matchedData":[string] }] } }]terminatingRuleIdstringterminatingRuleMatchDetails[{ "conditionType":string, "location":string, "matchedData":[string] }]terminatingRuleTypestringtimestamptimestampwebaclIdstringp_event_timetimestampp_parse_timetimestampp_log_typestringp_row_idstringp_source_idstringp_source_labelstring