|
Field type |
Field name |
Description |
Example value |
|---|---|---|---|
|
CEF header |
CEF:Version |
CEF version. |
CEF:0 |
|
Device Vendor |
Product vendor. |
UserGate |
|
|
Device Product |
Product type. |
NGFW |
|
|
Device Version |
Product version. |
7 |
|
|
Source |
Log type. |
events |
|
|
Origin |
Module where the event occurred. |
admin_console |
|
|
Severity |
The severity of the event. |
Available values:
|
|
|
CEF [extension] |
rt |
Time when the event was received (in milliseconds since January 1, 1970). |
1652344423822 |
|
deviceExternalId |
The unique name of the device that generated the event. |
utmcore@ersthetatica |
|
|
suser |
The username. |
Admin |
|
|
cat |
Component where the event occurred. |
console_auth |
|
|
act |
Event type. |
login_successful |
|
|
src |
Source IPv4 address. |
192.168.117.254 |
|
|
cs1Label |
This field is used for event details. |
Attributes |
|
|
cs1 |
Event details in JSON format. |
{"name":"MIME_BUILTIN_COMPOSITE","module":"nlist_import"} |