{
  "dataset": "xdr_agent_raw",
  "vendor": "Palo Alto Networks",
  "product": "Cortex XDR Agent",
  "log_type": "xdr_data",
  "raw_log": "{\"type\":\"PROCESS_EVENT\",\"hostname\":\"WORKSTATION-042\",...}",
  "timestamp": "2024-01-15T10:35:00.000Z",
  "tenant_id": "xsiam-tenant-001",
  "event_id": "evt-20240115-103500-003"
}