||process, audit, authentication
||The category the associated log message falls under. Message categories are groupings of related messages that often have common fields.
||This is an optional field that is used for related categories. For example, the process and service categories are part of the Endpoint gim_event_class, among others.
||A description of the event described in the associated log message.
||credential validation, process
||A secondary grouping of events under a category where individual events share many common characteristics.