Strata Logging Service
System EMAIL Fields
Table of Contents
Expand All
|
Collapse All
Strata Logging Service Docs
System EMAIL Fields
Example System log in EMAIL:
LogTime=2021-02-22T06:00:54.000000Z LogSourceID=xxxxxxxxxxxxxx LogType=SYSTEM Subtype=general ConfigVersion=0.0 VirtualSystemID=0 AgentTimeZoneOffset= AgentVersion= EndpointCPUArchitecture= EndpointDeviceDomain= EndpointDeviceName= EndpointIPaddress= EndpointOSType= EndpointOSVersion= EndpointUserDomain= EndpointUserName=xxxxx EndpointUserUUID= IsDuplicateLog=false IsPrismaNetwork=false IsPrismaUsers=false LogCategory= LogExported=false LogForwarded=true LogSource=firewall LogSourceTimeZoneOffset= Severity=Informational TenantID=xxxxxxxxxxxxx TimeGeneratedHighResolution=2021-02-22T06:00:46.000000Z VDIEndpoint= VendorName=Palo Alto Networks AgentStatus= AgentDataCollectionStatus= AgentID= AgentIsolationStatus= AgentContentVersion= EventTime=2021-02-22T06:00:46.000000Z VirtualLocation= EventName=general EventComponent= VendorSeverity=Informational EventDescription=WildFire version 559357-566509 downloaded by Auto update agent SequenceNo=30904438 DGHierarchyLevel1=0 DGHierarchyLevel2=0 DGHierarchyLevel3=0 DGHierarchyLevel4=0 VirtualSystemName= LogSourceName=xxxxx DeviceGroup= Template=
The following table identifies the System field names that the Log Forwarding app
uses when you forward logs using the EMAIL log format.
|
EMAIL Name
|
Query Name
|
|---|---|
|
AgentContentVersion
| |
|
AgentDataCollectionStatus
| |
|
AgentID
| |
|
AgentIsolationStatus
| |
|
AgentStatus
| |
|
AgentVersion
| |
|
ConfigVersion
| |
|
TenantID
| |
|
DeviceGroup
| |
|
DGHierarchyLevel1
| |
|
DGHierarchyLevel2
| |
|
DGHierarchyLevel3
| |
|
DGHierarchyLevel4
| |
|
EndpointCPUArchitecture
| |
|
EndpointDeviceDomain
| |
|
EndpointDeviceName
| |
|
EndpointIPaddress
| |
|
VDIEndpoint
| |
|
EndpointOSType
| |
|
EndpointOSVersion
| |
|
AgentTimeZoneOffset
| |
|
EndpointUserDomain
| |
|
EndpointUserName
| |
|
EndpointUserUUID
| |
|
EventComponent
| |
|
EventDescription
| |
|
EventName
| |
|
EventTime
| |
|
IsDuplicateLog
| |
|
LogExported
| |
|
LogForwarded
| |
|
IsPrismaNetwork
| |
|
IsPrismaUsers
| |
|
LogCategory
| |
|
LogSource
| |
|
LogSourceGroupID
| |
|
LogSourceID
| |
|
LogSourceName
| |
|
LogSourceTimeZoneOffset
| |
|
LogTime
| |
|
LogType
| |
|
PanoramaSN
| |
|
PlatformType
| |
|
SequenceNo
| |
|
Severity
| |
|
Subtype
| |
|
Template
| |
|
TimeGeneratedHighResolution
| |
|
VendorName
| |
|
VendorSeverity
| |
|
VirtualLocation
| |
|
VirtualSystemID
| |
|
VirtualSystemName
|