About Log Query Columns

Endpoint Application Control logs events by log type. See About Logs and Log Types.

On the Log Query screen, each log type displays a unique list of columns.

Table 1. Default Displayed Log Query Columns

Log Type

Columns and Order (Default)

Displayable Columns by Category (Alphabetically)

"Others"

"Agent"

"Application Usage"

"Certified Safe Software"

"Endpoint"

"Event"

"File"

"Server"

"User"

"Windows Specific"

Policy actions

Earliest Event

Number of Events

Action Taken

Endpoint Name

User Name

Rule

Policy

Name

Full Path

Tags

Search Result Matching Level

Connected

Earliest Connection

IP Address

 

Architecture

Country

Language

Name

Version

Endpoint ID

Endpoint Name

Action Taken

Earliest Event

Number of Events

Policy

Policy ID

Process Owner

Received

Rule

Rule ID

Runtime Environment

Start Path and Parameters

File Created

File Modified

File Name

File Owner

File Size

Full Path

SHA-1 Hash Value

Tags

 

User Group

User ID

User Name

File Product Name

File Product Version

File Type

File Version

Original File Name

Endpoint inventories

Inventory Received

Endpoint Name

User Name

Name

Full Path

User Name

Version

Search Result Matching Level

Earliest Connection

IP Address

 

Architecture

Country

Language

Name

Vendor

Version

Endpoint ID

Endpoint Name

 

File Created

File Modified

File Owner

File Size

Full Path

SHA-1 Hash Value

Short Path

Tags

Inventory Received

User ID

User Name

File Product Name

File Product Version

File Type

File Version

Original File Name

Known applications

Vendor

Name

Version

Tags

AIR Score

Global Usage

First Detected

Category

Search Result Matching Level

 

APAC Usage

EMEA Usage

Global Usage

JPN Usage

LAR Usage

NABU Usage

AIR Score

Architecture

Category

Country

Language

Matched in Version

Name

Vendor

Version

   

File Size

SHA-1 Hash Value

Tags

First Detected

Inventory Received

 

File Product Name

File Product Version

File Type

File Version

Original File Name

Administrator actions

Time of Event

Severity

Event Group

Administrator

Message

Administrator

Event Group

Event ID

Message

Server

Search Result Matching Level

Severity

Time of Event

                 

Agent messages

Time of Event

Severity

Event Group

Endpoint Name

User Name

Message

Endpoint Name

Event Group

Event ID

Message

Search Result Matching Level

Server

Severity

Time of Event

User Name

                 

Server messages

Time of Event

Severity

Event Group

Message

Event Group

Event ID

Message

Server

Search Result Matching Level

Severity

Time of Event