|
Field name |
Description |
Example value |
|
|---|---|---|---|
|
url_categories |
id |
URL category ID. |
39 |
|
threat_level |
URL category threat level. |
Available values:
|
|
|
name |
URL category name. |
Social Networking |
|
|
timestamp |
Time when the event was received in the following format: yyyy-mm-ddThh:mm:ssZ. |
2022-05-12T08:11:46.15869Z |
|
|
endpoint_name |
Endpoint NetBIOS name. |
DESKTOP-0731NFQ |
|
|
endpoint_id |
Endpoint ID. |
35fb5820-74db-4eac-b05b-d01bc284c4e8 |
|
|
media_type |
Content type. |
application/json |
|
|
ip_protocol |
Network protocol number. |
6 |
|
|
host |
Host name. |
||
|
app_name |
The application the firewall rule was applied to. |
C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe |
|
|
action |
Action taken by the device according to the configured policies. |
drop, accept, nat |
|
|
source |
ip |
Traffic source IPv4 address. |
10.10.10.10 |
|
port |
Source port. |
Values: 0-65535. |
|
|
destination |
ip |
IPv4 address of the traffic destination. |
192.168.174.134 |
|
port |
Destination port. |
Values: 0-65535. |
|
|
rule |
guid |
Triggered rule unique ID. |
f93da24d-74f9-4f8c-9e9b-8e6d02346fb4 |
|
name |
Rule name. |
Default allow |
|