1. Home
    2. Security Operations
    3. Cortex XDR
    4. Cortex XDR™ API Reference
    5. APIs
    6. API Field Mapping

    API Field Mapping

    Review how API fields are displayed in the Cortex XDR Management Console.
    The following table lists how API fields are displayed in the
    Cortex
    XDR
     Management Console. Fields are listed in alphabetical order.
    Cortex XDR API Field Name
    Cortex XDR Management Console Field Name
    action
    Action
    action_external_hostname
    Remote Host
    action_file_macro_sha256
    File Macro SHA256
    action_file_md5
    File MD5
    action_file_path
    File path
    action_file_sha256
    File SHA256
    action_local_ip
    Local IP
    action_local_port
    Local port
    action_process_image_command_line
    Target process CMD
    action_process_image_name
    Target process name
    action_process_image_sha256
    Target process SHA256
    action_process_signature_status
    Process execution signature
    action_process_signature_vendor
    Process execution signer
    action_registry_data
    Registry data
    action_registry_full_key
    Registry full key
    action_remote_ip
    Remote IP
    action_remote_port
    Remote port
    actor_process_command_line
    Initiator CMD
    actor_process_image_md5
    Initiator MD5
    actor_process_image_name
    Initiated By
    actor_process_image_path
    Initiator path
    actor_process_image_sha256
    Initiator SHA256
    actor_process_os_pid
    Initiator PID
    actor_process_signature_status
    Initiator signature
    actor_process_signature_vendor
    Initiator signer
    actor_thread_thread_id
    Initiator TID
    agent_device_domain
    Domain
    agent_fqdn
    Host FQDN
    agent_os_sub_type
    Agent OS Sub Type
    agent_os_type
    Host OS
    alert_id
    Alert ID
    case_id
    Incident ID
    category
    Category
    causality_actor_causality_id
    CID
    causality_actor_process_command_line
    CGO CMD
    causality_actor_process_image_md5
    CGO MD5
    causality_actor_process_image_name
    CGO name
    causality_actor_process_image_sha256
    CGO SHA256
    causality_actor_process_signature_status
    CGO signature
    causality_actor_process_signature_vendor
    CGO signer
    contains_featured_host
    Contains Featured Host
    contains_featured_ip_address
    Contains Featured IP Address
    contains_featured_user
    Contains Featured User
    description
    Description
    manual_description
    Description
    detection_timestamp
    Timestamp
    dns_query_name
    DNS Query Name
    event_type
    Event Type
    external_id
    External ID
    fw_app_category
    App Category
    fw_app_id
    App-ID
    fw_app_subcategory
    App Subcategory
    fw_app_technology
    App Technology
    fw_device_name
    FW Name
    fw_email_recipient
    Email Recipient
    fw_email_sender
    Email Sender
    fw_email_subject
    Email Subject
    fw_interface_from
    Source Zone Name
    fw_interface_to
    Destination Zone Name
    fw_is_phishing
    Is Phishing
    fw_misc
    Misc
    fw_rule
    FW Rule Name
    fw_rule_id
    FW Rule ID
    fw_serial_number
    FW Serial Number
    fw_url_domain
    URL
    fw_vsys
    NGFW VSYS Name
    fw_xff
    XFF
    host_ip
    Host IP
    host_name
    Host
    mac
    Host Mac Address
    matching_service_rule_id
    Rule ID
    mitre_tactic_id_and_name
    Mitre ATT&CK Tactic
    mitre_technique_id_and_name
    Mitre ATT&CK Technique
    module_id
    Module
    name
    Alert Name
    os_actor_effective_username
    OS Parent User Name
    os_actor_process_command_line
    OS Parent CMD
    os_actor_process_image_name
    OS Parent Name
    os_actor_process_image_sha256
    OS Parent SHA256
    os_actor_process_os_pid
    OS Parent PID
    os_actor_process_signature_status
    OS Parent Signature
    os_actor_process_signature_vendor
    OS Parent Signer
    os_actor_thread_thread_id
    OS Parent TID
    severity
    Severity
    source
    Alert Source
    starred
    Starred
    user_name
    User Name

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo