AFAIK, TA don't validate an index for CIM compliant. It has to be done manually by the user. In most cases, only key fields (which are CIM compliant) are needed for a Splunk App to work properly.
CIM Validator is a great Splunk app for CIM validation.
Please accept the answer if it significantly helped resolve your query for the benefit of other forum members, who might run into a similar issue.
You said - In most cases, only key fields (which are CIM compliant) are needed for a TA to work properly.
How can I find out which ones are needed?
During indexing or search time , the fields are extracted by Addons (as per CIM complaint if configured properly) and the fields are used by Splunk Apps/Dashboards/Datamodels.
Splunk Enterprise Security Suite app utilizes bunch of data models as mentioned here. The list of fields used by each datamodel also provided.
Makes perfect sense, but which fields are needed in order to certify a certain event as cim compliant?
It's depend on the use case and app that you use. You can get the list of required fields either from the Splunk query used in the dashboard/reports/datamodels or from the app's documentation.