Appendix

LogPoint Threat Intelligence Taxonomy

The Logpoint threat intelligence taxonomy specifies the following fields:

accessed_ts, application, authentication, caller_user, computer, created_ts,
destination_address, destination_port, directory, disabled, domain, email,
end_ts, file, fqdn, gateway, group_name, hardware_address, hash, hash_type,
host, ip_address, locked_out, login_ts, loggoff_ts, logon_type, modified_ts, port,
priority, process, protocol, proxy_server, referer, request_method,
rights, security_id, server_address, service, source_address, source_port,
start_ts, status, status_code, url, user, user_agent

Among these field names, only domain, url, category, type, threat_source, file_hash, ip_address, score, port, _eviction_timestamp, start_ts, and end_ts are functional in Threat Intelligence.

