There are several reusable attributes for audit events across Jenkins. These attributes should be generated and committed to the audit catalog API. Some example attributes that would be useful to start with:

• userId - string (corresponds to the user who initiated the action)
• requestId - string (used as a correlation id for logs)
• requestUri - string (contains the original request URI used for action)
• nodeName - string (contains the name of the node where action took place)
• timestamp - string (ISO-8601 datetime format, using UTC timezone) (note that log4j audit doesn't currently define a date or time attribute type; we have the option of using a string or long value, or we could work on contributing a date type upstream)