|
Field name |
Description |
Example value |
||
|---|---|---|---|---|
|
timestamp |
Time when the event was received. Format: yyyy-mm-ddThh:mm:ssZ. |
2022-05-12T08:11:46.15869Z |
||
|
url_categories |
id |
ID of the category to which the URL belongs. |
39 |
|
|
threat_level |
Threat level for the URL category. |
Available values:
|
||
|
name |
Name of the category to which the URL belongs. |
Social Networking |
||
|
bytes_sent |
Number of bytes transmitted from the source to the destination. |
52 |
||
|
node |
A unique name of the device which generated the event. |
|||
|
packets_recv |
Number of bytes transmitted from the destination to the source. |
5 |
||
|
request_method |
Method used to access the URL address (POST, GET, etc.). |
GET |
||
|
url |
Contains the URL of the requested resource and the protocol used. |
|||
|
packets_sent |
Number of packets transmitted from the source to the destination. |
2 |
||
|
action |
Action taken by the device according to the configured policies. |
block |
||
|
media_type |
Content type. |
application/json |
||
|
host |
Hostname. |
|||
|
session |
Session ID. |
a7a3cd49-8232-4f1a-962a-3659af89e96f (if System: 00000000-0000-0000-0000-000000000000) |
||
|
app_protocol |
Application layer protocol and its version. |
HTTP/1.1 |
||
|
status_code |
HTTP status code. |
302 |
||
|
bytes_recv |
Number of packets transmitted from the destination to the source. |
100 |
||
|
http_referer |
Request source URL (HTTP referrer). |
|||
|
decrypted |
Indicates if the content was decrypted. |
true, false |
||
|
reasons |
The reason why the event was created, e.g., the reason for the site block. |
"url_cats":[{"id":39,"name":"Social Networking","threat_level":3}] |
||
|
useragent |
Browser useragent. |
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 |
||
|
source |
zone |
guid |
Unique ID of the traffic source zone. |
d0038912-0d8a-4583-a525-e63950b1da47 |
|
name |
Source zone name. |
Trusted |
||
|
country |
Traffic source country. |
AE (a two-letter country code is displayed) |
||
|
ip |
Source IPv4 address. |
10.10.10.10 |
||
|
port |
Source port. |
Values: 0-65535. |
||
|
destination |
zone |
guid |
Unique ID of the traffic destination zone. |
3c0b1253-f069-4060-903b-5fec4f465db0 |
|
name |
Traffic destination zone name. |
Untrusted |
||
|
country |
Destination country. |
AE (a two-letter country code is displayed) |
||
|
ip |
Destination IPv4 address. |
192.168.174.134 |
||
|
port |
Destination port. |
Values: 0-65535. |
||
|
rule |
guid |
Unique ID of the rule triggered to cause the event. |
f93da24d-74f9-4f8c-9e9b-8e6d02346fb4 |
|
|
name |
The name of the rule. |
Default allow |
||
|
user |
guid |
Unique ID of the user. |
a7a3cd49-8232-4f1a-962a-3659af89e96f |
|
|
name |
User name. |
user_name |
||
|
groups |
guid |
Unique ID of the group the user is a member of. |
919878b2-e882-49ed-3331-8ec72c3c79cb |
|
|
name |
Name of the group the user is a member of. |
Default Group |
||