Events HTTPS Fields
Focus
Focus
Strata Logging Service

Events HTTPS Fields

Table of Contents

Events HTTPS Fields

The following table identifies the Events field names that the Log Forwarding app uses when you forward logs using the HTTPS log format.
HTTPS Name
Query Name
Field Type
ApplicationAppCategory
string
ApplicationAppSubcategory
string
ApplicationExternalID
string
ApplicationExternalName
string
ApplicationID
string
ApplicationName
string
ApplicationProtectedAccount
boolean
ApplicationRiskOfApp
int
ApplicationSource
string
ApplicationUsername
string
BatchID
string
BrowserExtensionAppLaunchURL
string
BrowserExtensionAvailableLaunchTypes
array
BrowserExtensionDescription
string
BrowserExtensionDisabledReason
string
BrowserExtensionEnabled
boolean
BrowserExtensionHomepageURL
string
BrowserExtensionHostPermissions
array
BrowserExtensionID
string
BrowserExtensionInstallType
string
BrowserExtensionIsApp
boolean
BrowserExtensionLaunchType
string
BrowserExtensionMayDisable
boolean
BrowserExtensionName
string
BrowserExtensionOfflineEnabled
boolean
BrowserExtensionOptionsURL
string
BrowserExtensionPermissions
array
BrowserExtensionShortName
string
BrowserExtensionType
string
BrowserExtensionUpdateURL
string
BrowserExtensionVersion
string
CertificateCreatedTime
timestamp
CertificateExpirationTime
timestamp
CertificateFingerprints
array
CertificateIssuer
string
CertificateSerialNumber
string
CertificateSubject
string
ClassificationCategory
string
ClassificationMaliciousCategories
array
ClassificationMITRE
array
ClassificationReputation
long
ClassificationSecurityCompliance
array
ClassificationSeverity
string
ClipboardFromURL
string
ClipboardSelectedElement
string
ContentCategories
array
ContentLengthBytes
long
ContentMIPMatchedLabel
string
ContentScanEngine
string
ContentSensitiveDataCategories
array
ContentSourceElementSelector
string
ContentSourceURL
string
CortexDataLakeTenantID
string
DeviceBrowserBrand
string
DeviceBrowserType
string
DeviceBrowserVersion
string
DeviceUUID
string
DeviceDiskEncryptionStatus
string
DeviceEPPStatus
string
DeviceExtensionVersion
string
DeviceFirewallStatus
string
DeviceGeoIPFromCityName
string
DeviceGeoIPFromCountryName
string
DeviceGeoIPFromLocationLatitude
float
DeviceGeoIPFromLocationLongitude
float
DeviceGroupsIDs
array
DeviceGroupsNames
array
DeviceHostname
string
DeviceIPAddress
string
DeviceMACAddresses
array
DeviceModel
string
DeviceOSAndroidBuild
string
DeviceOSAndroidPatch
string
DeviceOSAndroidRelease
string
DeviceOSAndroidSDK
string
DeviceOSiOSMajor
string
DeviceOSiOSMinor
string
DeviceOSiOSPatch
string
DeviceOSmacOSBugfix
string
DeviceOSmacOSBuild
string
DeviceOSmacOSMajor
string
DeviceOSmacOSMinor
string
DeviceOSmacOSServer
boolean
DeviceOSType
string
DeviceOSWindowsBuild
string
DeviceOSWindowsMajor
string
DeviceOSWindowsMinor
string
DeviceOSWindowsPatch
string
DeviceOSWindowsProduct
string
DeviceOSDisplayName
string
DeviceRawUniversalID
string
DeviceScreenLockStatus
string
DeviceSerialNumber
string
DeviceType
string
DeviceUserAgent
string
FileExtension
string
FileIsEncrypted
boolean
FileLocalPath
string
FileMimeType
string
FileName
string
FileOperation
string
FileOriginDownloadURL
string
FileSHA256
string
FileURL
string
ID
string
LogSource
string
LogSourceGroupID
string
DeviceSN
string
DeviceName
string
TimeReceived
timestamp
LogType
string
NetworkClassifications
array
NetworkFrameURL
string
NetworkHTTPMethod
string
NetworkHTTPStatus
int
NetworkProtocol
string
NetworkTabURL
string
NetworkURL
string
PageCaptureIsSecureScreenshot
boolean
PageCaptureTriggeredByURL
string
PageDevtoolsBlockReason
string
PageTitle
string
PincodeFailedAttempts
long
PincodeRegistrationTime
timestamp
PlatformType
string
PolicyAction
string
PolicyBlockReason
string
PolicyBypassReason
string
PolicyIsMonitor
boolean
PolicyIsSessionRecorded
boolean
PolicyRuleDescription
string
PolicyRuleID
string
PostureBlockReason
string
PostureBlockType
string
PostureError
string
PrintPrinterLocation
string
PrintPrinterName
string
ProcessCLIArgs
string
ProcessImagePath
string
ProcessParentProcess
string
ProcessPID
long
StateDeviceGroupEvaluation
array
StateSignInRules
array
SubtenantID
string
Subtype
string
TamperingType
string
TenantID
string
TimeGenerated
timestamp
TimeGeneratedHighResolution
timestamp
Timestamp
timestamp
TSGID
string
Type
string
UserEmail
string
UserExternalID
string
UserGroupsIDs
array
UserGroupsNames
array
UserID
string
UserName
string
UserTenantExternalID
string
UserTenantID
string
UserTenantName
string
UserTSGID
string
VendorName
string