|
Field name |
Description |
Example value |
||
|---|---|---|---|---|
|
timestamp |
Time when the event was received. Format: yyyy-mm-ddThh:mm:ssZ. |
2022-05-12T08:11:46.15869Z |
||
|
node |
The unique name of the device that generated the event. |
|||
|
from |
Sender email. |
|||
|
to |
Recipient email. |
|||
|
app_protocol |
Application layer network protocol. |
SMTP |
||
|
source |
zone |
guid |
Unique ID of the traffic source zone. |
d0038912-0d8a-4583-a525-e63950b1da47 |
|
name |
Traffic source zone name. |
Trusted |
||
|
country |
Source country name. |
AE (a two-letter country code is displayed) |
||
|
ip |
IPv4 address of the traffic source. |
10.10.10.10 |
||
|
port |
Source port |
Values: 0-65535. |
||
|
destination |
zone |
guid |
Unique ID of the traffic destination zone. |
3c0b1253-f069-4060-903b-5fec4f465db0 |
|
name |
Traffic destination zone name. |
Untrusted |
||
|
country |
Destination country name. |
AE (a two-letter country code is displayed) |
||
|
ip |
IPv4 address of the traffic destination. |
10.10.10.10 |
||
|
port |
Destination port |
Values: 0-65535. |
||
|
rule |
guid |
Unique ID of the rule triggered to cause the event. |
59e38e06-533a-4771-9664-031c3e8b2e1f |
|
|
name |
Name of the rule triggered to cause the event. |
Mail security rule |
||
|
user |
guid |
Unique ID of the user. |
a7a3cd49-8232-4f1a-962a-3659af89e96f |
|
|
name |
The username. |
user_name |
||
|
groups |
guid |
Unique ID of the group the user is a member of. |
919878b2-e882-49ed-3331-8ec72c3c79cb |
|
|
name |
Name of the group the user is a member of. |
Default Group |
||