The documentation for the cylance module in filebeats looks mixed up with RSA Netwitness.
In this documentation:
RSA fields are referenced:
And the link to exported fields also are mainly RSA fields, not cylance fields:
I wanted to confirm if others see the same thing and I wasn't sure where to post a documentation bug.