native dashboard SOAR query field for event type

In native dashboards, try case.alerts.metadata.collection_elements.references.event.metadata.event_type

Ex. 

case.alerts.metadata.collection_elements.references.event.metadata.event_type = $event_type
$event_type = "RESOURCE_CREATION"

match:
    $event_type, case.alerts.metadata.case_name

actually it didnt work for me. since the case is ingested from soar connector 

SOAR connector as in the Chronicle connector? Or another connector? For the Chronicle connector, it seems to work for me. For others,  (ex. GTI Connector) it does not , returns EventType_Unspecified, and may be a different field instead.

Updated query I am trying:

$event_type = case.alerts.metadata.collection_elements.references.event.metadata.event_type
$case_id = case.response_platform_info.response_platform_id
$case_name = case.display_name
$case_status = case.status
case.alerts.metadata.type = "GCTI_FINDING" or case.alerts.metadata.type = "RULE_DETECTION"
case.source != "Simulated"

match:
    $case_id, $case_name, $case_status

outcome:
    $event_types = array_distinct($event_type)

order:
    $case_id desc

Result:

yes its jira connector

In your initial post, is the screenshot from an alert that came in through Jira connector? Or an alert that came in through the SIEM connector?

I do not have a Jira connector, but based on my testing with the GTI connector, I am thinking the type field requires an enum value (like in SIEM with metadata.event_type = NETWORK_CONNECTION, USER_LOGIN, etc.). If the Jira connector does not follow this (it may, this is why I am asking for confirmation on your screenshot), I am thinking it then defaults to EVENTTYPE_UNSPECIFIED.

even im getting this EVENTTYPE_UNSPECIFIED., but for event type we have mapping issue type in soar jira connector. i was trying fetch that