Parsers and Generated Fields

Vendor Field	CPS Field	Description
Vendor.time	@timestamp	Event timestamp in seconds format
Vendor.device_id	device.id	Unique device identifier
Vendor.device_name	device.model.name	Name of the device
Vendor.event	event.action	Chrome Enterprise event type
Vendor.reason	event.reason	Reason for the event
Vendor.event_detail	event.reference	Additional event details
Vendor.os_platform	host.os.type	Operating system platform
Vendor.os_version	host.os.version	Operating system version
url.host	url.domain
Vendor.url	url.original	Original URL from the event
Vendor.device_user	user.name	Username associated with the device
Vendor.user_agent	user_agent.original	User agent string