Strata Logging Service
Threat HTTPS Fields
Table of Contents
Expand All
|
Collapse All
Threat HTTPS Fields
The following table identifies the Threat field names that the Log Forwarding app
uses when you forward logs using the HTTPS log format.
HTTPS Name
|
Query Name
|
---|---|
Action
| |
Application
| |
ApplicationCategory
| |
ApplicationSubcategory
| |
ApplianceOrCloud
| |
CloudHostname
| |
CloudReportID
| |
ConfigVersion
| |
ContainerID
| |
ApplicationContainer
| |
ContentVersion
| |
RepeatCount
| |
CortexDataLakeTenantID
| |
DestinationDeviceCategory
| |
DestinationDeviceClass
| |
DestinationDeviceHost
| |
DestinationDeviceMac
| |
DestinationDeviceModel
| |
DestinationDeviceOS
| |
DestinationDeviceOSFamily
| |
DestinationDeviceOSVersion
| |
DestinationDeviceProfile
| |
DestinationDeviceVendor
| |
DestinationDynamicAddressGroup
| |
DestinationEDL
| |
DestinationAddress
| |
DestinationLocation
| |
DestinationPort
| |
DestinationUser
| |
DestinationUserDomain
| |
DestinationUserName
| |
DestinationUserUUID
| |
DestinationUUID
| |
DGHierarchyLevel1
| |
DGHierarchyLevel2
| |
DGHierarchyLevel3
| |
DGHierarchyLevel4
| |
DirectionOfAttack
| |
DomainEDL
| |
DynamicUserGroupName
| |
EndpointSerialNumber
| |
FileName
| |
FileHash
| |
FileType
| |
FileURL
| |
FlowType
| |
FromZone
| |
HostID
| |
HTTP2Connection
| |
HTTPMethod
| |
InboundInterface
| |
InboundInterfaceDetailsPort
| |
InboundInterfaceDetailsSlot
| |
InboundInterfaceDetailsType
| |
InboundInterfaceDetailsUnit
| |
CaptivePortal
| |
IsClienttoServer
| |
IsContainer
| |
IsDecryptMirror
| |
IsDecrypted
| |
IsDuplicateLog
| |
IsEncrypted
| |
LogExported
| |
LogForwarded
| |
IsIPV6
| |
IsMptcpOn
| |
NAT
| |
IsNonStandardDestinationPort
| |
IsPacketCapture
| |
IsPhishing
| |
IsPrismaNetwork
| |
IsPrismaUsers
| |
IsProxy
| |
IsReconExcluded
| |
IsSaaSApplication
| |
IsServertoClient
| |
IsSourceXForwarded
| |
IsSystemReturn
| |
IsTransaction
| |
IsTunnelInspected
| |
IsURLDenied
| |
K8SClusterID
| |
LocalDeepLearningAnalyzed
| |
Location
| |
LogSetting
| |
LogSource
| |
LogSourceGroupID
| |
DeviceSN
| |
DeviceName
| |
LogSourceTimeZoneOffset
| |
TimeReceived
| |
LogType
| |
IMEI
| |
NATDestination
| |
NATDestinationPort
| |
NATSource
| |
NATSourcePort
| |
NonStandardDestinationPort
| |
NSSAINetworkSliceType
| |
OutboundInterface
| |
OutboundInterfaceDetailsPort
| |
OutboundInterfaceDetailsSlot
| |
OutboundInterfaceDetailsType
| |
OutboundInterfaceDetailsUnit
| |
PanoramaSN
| |
ParentSessionID
| |
ParentStarttime
| |
PartialHash
| |
PayloadProtocolID
| |
Packet
| |
PacketID
| |
PlatformType
| |
ContainerName
| |
ContainerNameSpace
| |
Protocol
| |
RecipientEmail
| |
ReportID
| |
ApplicationRisk
| |
Rule
| |
RuleUUID
| |
SanctionedStateOfApp
| |
SenderEmail
| |
SequenceNo
| |
SessionID
| |
Severity
| |
SigFlags
| |
SourceDeviceCategory
| |
SourceDeviceClass
| |
SourceDeviceHost
| |
SourceDeviceMac
| |
SourceDeviceModel
| |
SourceDeviceOS
| |
SourceDeviceOSFamily
| |
SourceDeviceOSVersion
| |
SourceDeviceProfile
| |
SourceDeviceVendor
| |
SourceDynamicAddressGroup
| |
SourceEDL
| |
SourceAddress
| |
SourceLocation
| |
SourcePort
| |
SourceUser
| |
SourceUserDomain
| |
SourceUserName
| |
SourceUserUUID
| |
SourceUUID
| |
Subtype
| |
EmailSubject
| |
ApplicationTechnology
| |
ThreatCategory
| |
ThreatID
| |
ThreatName
| |
ThreatNameFirewall
| |
TimeGenerated
| |
TimeGeneratedHighResolution
| |
ToZone
| |
Tunnel
| |
TunneledApplication
| |
IMSI
| |
URLDomain
| |
URLCounter
| |
Users
| |
VendorName
| |
VendorSeverity
| |
Verdict
| |
VirtualLocation
| |
VirtualSystemID
| |
VirtualSystemName
| |
X-Forwarded-ForIP
|