Configuration EMAIL Fields

Example Configuration log in EMAIL:
LogTime=2021-02-23T02:44:27.000000Z LogSourceID=xxxxxxxxxxxxxx LogType=CONFIG Subtype=config VirtualSystemID=0 VendorSeverity= VendorName=Palo Alto Networks TenantID=xxxxxxxxxxxxx Severity= LogSource=firewall LogExported=false LogSourceTimeZoneOffset= LogCategory=xxxxx IsPrismaUsers=false IsPrismaNetwork=false IsDuplicateLog=false EventDetails= AdminUserUUID= AdminUserName=xxxxx AdminUserDomain= EventTime=2019-07-25T23:30:12.000000Z IPaddress=xxx.xx.x.xx VirtualLocation= EventName=commit-all AdminUsername=Panorama-admin Client= EventResult=submitted EventPath= SequenceNo=17 DGHierarchyLevel1=0 DGHierarchyLevel2=0 DGHierarchyLevel3=0 DGHierarchyLevel4=0 VirtualSystemName=<{xwo X LogSourceName=PA-VM EventDescription= _ I Yr0r TimeGeneratedHighResolution=2019-07-25T23:30:12.000000Z
The following table identifies the Configuration field names that the Log Forwarding app uses when you forward logs using the EMAIL log format.
EMAIL Name
Query Name
AdminUsername
AdminUserDomain
AdminUserName
AdminUserUUID
Client
ConfigVersion
TenantID
DeviceGroup
DGHierarchyLevel1
DGHierarchyLevel2
DGHierarchyLevel3
DGHierarchyLevel4
IPaddress
EventDescription
EventDetails
EventName
EventPath
EventResult
EventTime
IsDuplicateLog
LogExported
IsPrismaNetwork
IsPrismaUsers
LogCategory
LogSource
LogSourceID
LogSourceName
LogSourceTimeZoneOffset
LogTime
LogType
SequenceNo
Severity
Subtype
Template
TimeGeneratedHighResolution
VendorName
VendorSeverity
VirtualLocation
VirtualSystemID
VirtualSystemName

Recommended For You