Strata Logging Service Log Reference
  • Strata Logging Service Log Reference
  • Strata Logging Service Documentation
  • All Documentation
>
URL HTTPS Fields
Focus
Download PDF
Focus
  1. Home
  2. Strata Logging Service
  3. Network Logs
  4. URL
  5. URL HTTPS Fields
Download PDF
Strata Logging Service

URL HTTPS Fields

Table of Contents

URL HTTPS Fields

The following table identifies the URL field names that the Log Forwarding app uses when you forward logs using the HTTPS log format.
HTTPS Name
Query Name
Action
action.​value
Application
app
ApplicationCategory
app_category
ApplicationSubcategory
app_sub_category
CloudHostname
cloud_hostname
CloudReportID
cloud_reportid
ConfigVersion
config_version.​value
ContainerID
container_id
ApplicationContainer
container_of_app
ContentType
content_type
ContentVersion
content_version
RepeatCount
count_of_repeats
CortexDataLakeTenantID
customer_id
DestinationDeviceCategory
dest_device_category
DestinationDeviceClass
dest_device_class
DestinationDeviceHost
dest_device_host
DestinationDeviceMac
dest_device_mac
DestinationDeviceModel
dest_device_model
DestinationDeviceOS
dest_device_os
DestinationDeviceOSFamily
dest_device_osfamily
DestinationDeviceOSVersion
dest_device_osversion
DestinationDeviceProfile
dest_device_profile
DestinationDeviceVendor
dest_device_vendor
DestinationDynamicAddressGroup
dest_dynamic_address_group
DestinationEDL
dest_edl
DestinationAddress
dest_ip.​value
DestinationLocation
dest_location
DestinationPort
dest_port
DestinationUser
dest_user
DestinationUserDomain
dest_user_info.​domain
DestinationUserName
dest_user_info.​name
DestinationUserUUID
dest_user_info.​uuid
DestinationUUID
dest_uuid
DGHierarchyLevel1
dg_hier_level_1
DGHierarchyLevel2
dg_hier_level_2
DGHierarchyLevel3
dg_hier_level_3
DGHierarchyLevel4
dg_hier_level_4
DirectionOfAttack
direction_of_attack.​value
DynamicUserGroupName
dynusergroup_name
EndpointSerialNumber
endpoint_serial_number
FileURL
file_url
FlowType
flow_type.​value
FromZone
from_zone
HostID
gp_host_id
HTTP2Connection
http2_connection
HTTPHeaders
http_headers
HTTPMethod
http_method.​value
InboundInterface
inbound_if.​value
InboundInterfaceDetailsPort
inbound_if_details.​port
InboundInterfaceDetailsSlot
inbound_if_details.​slot
InboundInterfaceDetailsType
inbound_if_details.​type.​value
InboundInterfaceDetailsUnit
inbound_if_details.​unit
InlineMLVerdict
inline_ml_verdict.​value
CaptivePortal
is_captive_portal
IsClienttoServer
is_client_to_server
IsContainer
is_container
IsDecryptMirror
is_decrypt_mirror
IsDecrypted
is_decrypted
IsDuplicateLog
is_dup_log
IsEncrypted
is_encrypted
LogExported
is_exported
LogForwarded
is_forwarded
IsIPV6
is_ipv6
IsMptcpOn
is_mptcp_on
NAT
is_nat
IsNonStandardDestinationPort
is_non_std_dest_port
IsPacketCapture
is_packet_capture
IsPhishing
is_phishing
IsPrismaNetwork
is_prisma_branch
IsPrismaUsers
is_prisma_mobile
IsProxy
is_proxy
IsReconExcluded
is_recon_excluded
IsSaaSApplication
is_saas_app
IsServertoClient
is_server_to_client
IsSourceXForwarded
is_source_x_fwded
IsSystemReturn
is_sym_return
IsTransaction
is_transaction
IsTunnelInspected
is_tunnel_inspected
IsURLDenied
is_url_denied
K8SClusterID
k8s_cluster_id
Location
location
LogSetting
log_set
LogSource
log_source
LogSourceGroupID
log_source_group_id
DeviceSN
log_source_id
DeviceName
log_source_name
LogSourceTimeZoneOffset
log_source_tz_offset
TimeReceived
log_time
LogType
log_type.​value
IMEI
monitor_tag_imei
NATDestination
nat_dest.​value
NATDestinationPort
nat_dest_port
NATSource
nat_source.​value
NATSourcePort
nat_source_port
NonStandardDestinationPort
non_standard_dest_port
NSSAINetworkSliceType
nssai_network_slice_type.​value
OutboundInterface
outbound_if.​value
OutboundInterfaceDetailsPort
outbound_if_details.​port
OutboundInterfaceDetailsSlot
outbound_if_details.​slot
OutboundInterfaceDetailsType
outbound_if_details.​type.​value
OutboundInterfaceDetailsUnit
outbound_if_details.​unit
PanoramaSN
panorama_serial
ParentSessionID
parent_session_id
ParentStarttime
parent_start_time
Packet
pcap
PacketID
pcap_id
PlatformType
platform_type
ContainerName
pod_name
ContainerNameSpace
pod_namespace
Protocol
protocol.​value
Referer
referer
HTTPRefererFQDN
referer_fqdn
HTTPRefererPort
referer_port
HTTPRefererProtocol
referer_protocol.​value
HTTPRefererURLPath
referer_url_path
ApplicationRisk
risk_of_app
Rule
rule_matched
RuleUUID
rule_matched_uuid
SanctionedStateOfApp
sanctioned_state_of_app
SequenceNo
sequence_no
SessionID
session_id
Severity
severity
SigFlags
sig_flags
SourceDeviceCategory
source_device_category
SourceDeviceClass
source_device_class
SourceDeviceHost
source_device_host
SourceDeviceMac
source_device_mac
SourceDeviceModel
source_device_model
SourceDeviceOS
source_device_os
SourceDeviceOSFamily
source_device_osfamily
SourceDeviceOSVersion
source_device_osversion
SourceDeviceProfile
source_device_profile
SourceDeviceVendor
source_device_vendor
SourceDynamicAddressGroup
source_dynamic_address_group
SourceEDL
source_edl
SourceAddress
source_ip.​value
SourceLocation
source_location
SourcePort
source_port
SourceUser
source_user
SourceUserDomain
source_user_info.​domain
SourceUserName
source_user_info.​name
SourceUserUUID
source_user_info.​uuid
SourceUUID
source_uuid
Subtype
sub_type.​value
ApplicationTechnology
technology_of_app
TimeGenerated
time_generated
TimeGeneratedHighResolution
time_generated_high_res
ToZone
to_zone
Tunnel
tunnel.​value
TunneledApplication
tunneled_app
IMSI
tunnelid_imsi
URL
uri
URLCategory
url_category.​value
URLCategoryList
url_category_list
URLDomain
url_domain
URLCounter
url_idx
UserAgent
user_agent
Users
users
VendorName
vendor_name
VendorSeverity
vendor_severity.​value
VirtualLocation
vsys
VirtualSystemID
vsys_id
VirtualSystemName
vsys_name
X-Forwarded-For
xff
X-Forwarded-ForIP
xff_ip.​value

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.

xThanks for visiting https://docs.paloaltonetworks.com. To improve your experience when accessing content across our site, please add the domain to the allow list on your ad blocker application.