Detection-engineering field reference. Drill from category → product → log subtype to see fields, examples, and — per subtype — MITRE ATT&CK coverage, ingestion notes, detection use-cases, retention/criticality, and CIM/OCSF mapping.