Views:
Field Name
Type
General Field
Description
Example
Products
act
-
-
The action
  • Allow
  • Block
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • undefined
action
-
-
The traffic processing action
  • ACCEPT
  • REJECT
  • undefined
app
-
-
The network protocol
  • HTTP
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
application
-
-
The name of the requested application
  • Facebook
  • wiki
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • undefined
archFiles
-
-
The file information extracted from detected files
  • -
  • Deep Discovery Inspector
  • Virtual Network Sensor
authType
-
-
The authorization type
  • Cookie
  • Zero Trust Secure Access - Internet Access
azId
-
-
The Availability Zone ID
  • apse2-az3
  • undefined
bytes
-
-
The number of transmitted data bytes
  • 15044
  • undefined
clientGroup
-
-
The client IP network group
  • myCompany
  • myGroup
  • Virtual Network Sensor
  • Deep Discovery Inspector
clientHost
-
-
The client IP hostname
  • sample.compute.amazonaws.com
  • sample.tw.trendnet.org
  • Virtual Network Sensor
clientIp
-
  • IPv4
  • IPv6
The endpoint IP
  • 10.64.23.45
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
clientMAC
-
-
The client MAC address
  • 00-08-e3-ff-fd-90
  • Deep Discovery Inspector
  • Virtual Network Sensor
clientPort
-
  • Port
The client port
  • 5566
  • Deep Discovery Inspector
  • Virtual Network Sensor
clientProtocol
-
-
The client protocol
  • HTTP/1.1
  • Zero Trust Secure Access - Internet Access
clientTls
-
-
The transport layer security of the client
  • TLS 1.2
  • Zero Trust Secure Access - Internet Access
cloudAccountId
-
-
The owner AWS account ID of the source network interface
  • 123456789012
  • undefined
cnt
-
-
The total number of logs
  • 1
  • 2
  • 3
  • undefined
companyName
-
-
The company name
  • Trend Micro
  • Zero Trust Secure Access - Private Access
contentEncoding
-
-
The content encoding of the request or the response
  • gzip
  • Zero Trust Secure Access - Internet Access
dOSName
-
-
The destination OS
  • Windows
  • undefined
dUser1
-
  • UserAccount
The latest sign-in user of the destination
  • dhr\m42svc
  • altsvc
  • undefined
detectionType
-
-
The scan type
  • Not match any rule
  • Access control
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
deviceGUID
-
-
The non-endpoint object such as a network appliance
  • d1142f61-5bdf-4a48-bee8-b35f7b6c2376
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
dhost
-
  • DomainName
The destination hostname
  • sw_us-east-1c_10-124-21-139
  • 8.243.49.4
  • undefined
direction
-
-
The object transfer direction
  • Download
  • Deep Discovery Inspector
  • Virtual Network Sensor
dmac
-
-
The destination MAC address
  • a8:d0:e5:5c:cb:c5
  • undefined
dnsQueryType
-
-
The record type requested by the DNS protocol
  • A
  • Deep Discovery Inspector
  • Virtual Network Sensor
dpt
-
  • Port
The service destination port of the private application server
  • 443
  • Zero Trust Secure Access - Private Access
  • undefined
  • undefined
dst
-
  • IPv4
  • IPv6
The destination IP
  • 10.10.10.10
  • 10.206.209.64
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • undefined
  • undefined
dstLocation
-
-
The destination country
  • Japan
  • undefined
dstZone
-
-
The destination zone of the Palo Alto Networks firewall session
  • LAB-Small
  • undefined
duration
-
-
The time it took the scanner to complete the scan (in milliseconds)
  • 1599465660123
  • Zero Trust Secure Access - Internet Access
duser
-
  • EmailRecipient
The email recipient
  • p1234567@xxxxxx.tw
  • Deep Discovery Inspector
  • Virtual Network Sensor
dvc
-
-
The IP address of the Deep Discovery Inspector or Virtual Network Sensor appliance
  • 10.150.26.18
  • 172.16.0.140
  • 10.34.168.133
  • Deep Discovery Inspector
  • Virtual Network Sensor
dvchost
-
-
The network device hostname
  • my-company-xns
  • my-ddi
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
e2eLatency
-
-
The end-to-end traffic latency time (in milliseconds)
  • 10000
  • Zero Trust Secure Access - Internet Access
endpointGuid
-
  • EndpointID
The device GUID
  • 66f0cb71-4150-4437-ba8b-91151bb12345
  • DSP84573ULLJHM5GK2R7
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
endpointHostName
-
  • EndpointName
The hostname of the device on which the event was detected
  • my_machine
  • jeremy-mbp
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
eventId
-
-
The event ID
  • 200139
  • 200140
  • Virtual Network Sensor
  • Deep Discovery Inspector
  • undefined
eventName
-
-
The log type
  • SWG_ACTIVITY_LOG
  • FIREWALL_ACTIVITY_LOG
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
eventSubName
-
-
The Zero Trust Secure Access - Internet Access cloud app action or the Palo Alto Networks firewall log sub-type
  • OneDrive download file
  • start
  • end
  • drop
  • deny
  • Zero Trust Secure Access - Internet Access
  • undefined
eventTime
-
-
The time the agent or product detected the event
  • 1657135700000
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
  • undefined
failedHTTPSInspection
-
-
The HTTPS traffic inspection failure
  • true
  • Zero Trust Secure Access - Internet Access
fileHash
-
  • FileSHA1
The SHA-1 of the file that violated the policy
  • 1e15bf99022a9164708cebb3eace8fd61ad45cba
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
fileHashSha256
-
  • FileSHA2
The SHA-256 of the file that violated the policy
  • ba9edecdd09de1307714564c24409bd25508e22fe11c768053a08f173f263e93
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
fileName
-
  • FileName
  • FileFullPath
The name of the file that violated the policy
  • word.doc
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
fileSize
-
-
The size of the file that is violating the policy
  • 12134
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
fileType
-
-
The type of file which is violating the policy
  • Microsoft Words
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
filterRiskLevel
-
-
The top level filter risk of the event
  • info
  • low
  • medium
  • Security Analytics Engine
flowDirection
-
-
The network interface traffic direction
  • ingress
  • egress
  • undefined
flowId
-
-
The network analysis flow ID
  • 6837014561409730558
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
flowType
-
-
The type of traffic
  • IPv4
  • IPv6
  • EFA
  • undefined
ftpTrans
-
-
The transaction information of the FTP protocol
  • -
  • Deep Discovery Inspector
  • Virtual Network Sensor
hostName
-
  • DomainName
  • HostDomain
The hostname
  • NJ-EFFY-ZHAO1
  • Deep Discovery Inspector
  • Virtual Network Sensor
httpLocation
-
  • URL
The HTTP location header
  • www.google.com.tw
  • Deep Discovery Inspector
  • Virtual Network Sensor
httpReferer
-
  • URL
The HTTP referer header
  • www.google.com.tw
  • Deep Discovery Inspector
  • Virtual Network Sensor
httpXForwardedFor
-
-
The HTTP X-Forwarded-For header
  • 192.168.1.103, 192.168.1.104, 192.168.1.106
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
httpXForwardedForGroup
-
-
The X-Forwarded-For IP network group
  • myCompany
  • myGroup
  • Virtual Network Sensor
  • Deep Discovery Inspector
httpXForwardedForHost
-
-
The X-Forwarded-For IP hostname
  • sample.compute.amazonaws.com
  • sample.tw.trendnet.org
  • Virtual Network Sensor
httpXForwardedForIp
-
  • IPv4
  • IPv6
The x-forwarded-for IP used by the network appliance
  • 192.168.1.103
  • Deep Discovery Inspector
  • Virtual Network Sensor
instanceId
-
-
The instance ID
  • i-0c50d5961bcb2d47b
  • undefined
ipProto
-
-
The protocol number
  • 6
  • 17
  • undefined
ja3Hash
-
-
The JA3 hash
  • 478e74fad764c966f19c5232c7cdfc5a
  • Deep Discovery Inspector
  • Virtual Network Sensor
ja3sHash
-
-
The JA3S hash
  • 6d37fb1b3306d6e9f875650d8eb74b4f
  • Deep Discovery Inspector
  • Virtual Network Sensor
logStatus
-
-
The VPC Flow Log status
  • OK
  • NODATA
  • SKIPDATA
  • undefined
mailMsgSubject
-
  • EmailSubject
The email subject
  • test
  • Deep Discovery Inspector
  • Virtual Network Sensor
malName
-
-
The name of the detected malware
-
  • Zero Trust Secure Access - Internet Access
mimeType
-
-
The MIME type or content type of the response body
  • text/html
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
msgId
-
  • EmailMessageID
The service provider message ID
  • <b03cf177d9bf4e2f834cd3a005b2cc4b@12345.com.tw>
  • Deep Discovery Inspector
  • Virtual Network Sensor
networkInterfaceId
-
-
The network interface ID
  • eni-1235b8ca123456789
  • undefined
objectId
-
-
The UUID of the Zero Trust Secure Access private access application
  • 6f1fe071-9636-4c99-9a4d-c9f6d409a4c8
  • Zero Trust Secure Access - Private Access
objectIps
-
  • IPv4
  • IPv6
The IP address resolved by the DNS protocol
  • 192.168.1.10
  • 104.210.35.94
  • Deep Discovery Inspector
  • Virtual Network Sensor
osName
-
-
The host OS
  • Windows 10
  • macos 12.1
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
overSsl
-
-
The SSL protocol connection
  • YES
  • Deep Discovery Inspector
  • Virtual Network Sensor
packets
-
-
The number of transmitted data packets
  • 14
  • undefined
pktDstAddr
-
  • IPv4
  • IPv6
The packet level destination IP
  • 10.0.0.71
  • undefined
pktDstCloudServiceName
-
-
The sub-set IP address range name for cloud service destination IP
  • AMAZON
  • EC2
  • ROUTE53
  • undefined
pktSrcAddr
-
  • IPv4
  • IPv6
The packet level source IP
  • 52.95.128.179
  • undefined
pktSrcCloudServiceName
-
-
The sub-set IP address range name for the cloud service source IP
  • AMAZON
  • EC2
  • ROUTE53
  • undefined
pname
-
-
The product name
  • Secure Web Gateway
  • AWS VPC Flow Logs
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
  • undefined
policyName
-
-
The name of the triggered policy
  • lab-to-dns
  • small-lab-http-out
  • undefined
policyTemplate
-
-
The Data Loss Prevention template name
  • Australia, New Zealand: Healthcare Template,Germany: Banking and Financial Information
  • Zero Trust Secure Access - Internet Access
policyTreePath
-
-
The policy tree path (endpoint only)
  • policyname1/policyname2/policyname3
  • Security Analytics Engine
policyUuid
-
-
The policy UUID
  • afef0518-abd7-43e1-9b73-2f55c4c95a8e
  • Zero Trust Secure Access - Private Access
  • undefined
principalName
-
  • UserAccount
The User Principal Name
  • millie.hutchinson@etlsystems.com
  • jeremy_tong@trendmicro.com
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
productCode
-
-
The product which sent the log
  • sig
  • szn
  • Security Analytics Engine
  • undefined
profile
-
-
The name of the triggered Threat Protection template or Data Loss Prevention profile
-
  • Zero Trust Secure Access - Internet Access
pver
-
-
The product version
  • 1
  • Zero Trust Secure Access - Internet Access
  • undefined
regionId
-
-
The network interface AWS Region
  • ap-southeast-2
  • undefined
reqAppVersion
-
-
The client application version number
  • SSH-2.0-OPENSSH_9.0
  • Virtual Network Sensor
reqDataSize
-
-
The data volume transmitted over the transport layer by the client (in bytes)
  • 15688
  • Virtual Network Sensor
  • undefined
reqScannedBytes
-
-
The data volume transmitted by the client (in bytes)
  • 4655
  • Deep Discovery Inspector
  • Virtual Network Sensor
request
-
  • URL
The destination URL that the user is accessing
  • https://google.com/
  • https://api/example/v1/testit
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestBase
-
  • DomainName
  • HostDomain
The URL domain
  • www.facebook.com
  • gary.webserver64.com
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
requestClientApplication
-
-
The HTTP user agent
  • Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestDate
-
-
The HTTP date header
  • Fri, 20 Oct 2017 06:02:09 GMT
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestHeaders
-
-
The list of HTTP headers without sensitive information
  • Host: 192.168.1.201:8080 User-Agent: curl/7.78.0 Accept: */*
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestMethod
-
-
The network protocol request method
  • POST
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestMimeType
-
-
The type of request content
  • application/json; charset=utf-8
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
requestSize
-
-
The request length
  • 1324
  • Zero Trust Secure Access - Internet Access
requests
-
  • URL
The URLs of the request
  • www.google.com.tw
  • www.12345micro.com
  • Deep Discovery Inspector
  • Virtual Network Sensor
resolvedUrlGroup
-
-
The IP address FQDN network group
  • myCompany
  • myGroup
  • Virtual Network Sensor
  • Deep Discovery Inspector
resolvedUrlIp
-
  • IPv4
  • IPv6
The IP address of the FQDN
  • 142.251.43.3
  • Deep Discovery Inspector
  • Virtual Network Sensor
resolvedUrlPort
-
  • Port
The HTTP server port
  • 443
  • Deep Discovery Inspector
  • Virtual Network Sensor
respAppVersion
-
-
The server application version number
  • SSH-2.0-OPENSSH_8.7
  • Virtual Network Sensor
respArchFiles
-
-
The file information extracted from files detected in response direction
  • -
  • Deep Discovery Inspector
  • Virtual Network Sensor
respCode
-
-
The network protocol response code
  • 200
  • 25
  • Deep Discovery Inspector
  • Virtual Network Sensor
respDataSize
-
-
The data volume transmitted over the transport layer by the server (in bytes)
  • 7856
  • Virtual Network Sensor
  • undefined
respDate
-
-
The HTTP response date header
  • Fri, 20 Oct 2017 06:02:09 GMT
  • Deep Discovery Inspector
  • Virtual Network Sensor
respFileHash
-
  • FileSHA1
The SHA-1 of the file detected in the response direction
  • f17d9c55dea88f9aec8f74363f01e918cffb4142
  • Deep Discovery Inspector
  • Virtual Network Sensor
respFileHashSha256
-
  • FileSHA2
The SHA-256 of the file detected in the response direction
  • 5ad4396d67f0c9d54572f051e28e9e62f4010c269a953d25259b17ad5fab4fd5
  • Deep Discovery Inspector
  • Virtual Network Sensor
respFileType
-
-
The file type detected in the response direction
  • PKZIP
  • Deep Discovery Inspector
  • Virtual Network Sensor
respHeaders
-
-
The list of HTTP response headers without sensitive information
  • Accept-Ranges: bytes Content-Length: 68 Content-Type: - text/plain; charset=utf-8 Last-Modified: Thu, 19 Aug 2021 06:23:54 GMT Date: Thu, 19 Aug 2021 06:24:00 GMT
  • Deep Discovery Inspector
  • Virtual Network Sensor
respMethod
-
-
The response method
  • KRB_ERROR
  • AS_REP
  • Deep Discovery Inspector
  • Virtual Network Sensor
respScannedBytes
-
-
The data volume transmitted by the server (in bytes)
  • 6654
  • Deep Discovery Inspector
  • Virtual Network Sensor
responseSize
-
-
The response length
  • 1324
  • Zero Trust Secure Access - Internet Access
ruleName
-
-
The name of the triggered cloud access rule
  • ETL_Access Rules_Web_Host
  • block_wiki_for_guest
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
ruleUuid
-
-
The risk assessment and control design that is defined by Zero Trust Secure Access risk control rules
  • 12340518-abd7-43e1-9b73-2f55c4c95a8e
  • Zero Trust Secure Access - Private Access
sOSName
-
-
The source OS
  • Windows 10
  • undefined
sUser1
-
  • UserAccount
The latest sign-in user of the source
  • 000c29edef58
  • corpdmz.com\ser-desktopcentral
  • undefined
sender
-
-
The roaming users or Trend Micro Web Security gateway where the web traffic passed
  • ETL VPN
  • Zero Trust Secure Access - Internet Access
serverGroup
-
-
The server IP network group
  • myCompany
  • myGroup
  • Virtual Network Sensor
  • Deep Discovery Inspector
serverHost
-
-
The server IP hostname
  • sample.compute.amazonaws.com
  • sample.tw.trendnet.org
  • Virtual Network Sensor
serverIp
-
  • IPv4
  • IPv6
The server IP
  • 104.210.35.94
  • Deep Discovery Inspector
  • Virtual Network Sensor
serverMAC
-
-
The server MAC address
  • 58-35-d9-de-4a-42
  • Deep Discovery Inspector
  • Virtual Network Sensor
serverPort
-
  • Port
The server port
  • 443
  • Deep Discovery Inspector
  • Virtual Network Sensor
serverProtocol
-
-
The version of the HTTP protocol between the Service Gateway and server/website
  • HTTP/1.1
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
serverRespTime
-
-
The time the server took to respond to the request (in milliseconds)
  • 1599465660123
  • Zero Trust Secure Access - Internet Access
serverTls
-
-
The TLS version between the Service Gateway and server/website
  • TLS 1.2
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
sessionEnd
-
-
The session end time (in seconds)
  • 1575462989
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
sessionEndReason
-
-
The reason why a session was terminated
  • tcp-fin
  • tcp-rst-from-server
  • undefined
sessionStart
-
-
The session start time (in seconds)
  • 1575462989
  • Zero Trust Secure Access - Private Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
  • undefined
shost
-
  • DomainName
The source hostname
  • sw_us-east-1a_10-124-17-69
  • sw_us-east-1c_10-124-21-139
  • undefined
smac
-
-
The source MAC address
  • a8:d0:e5:5c:cb:c5
  • 00:50:56:b2:93:46
  • 00:09:0f:09:00:06
  • undefined
src
-
  • IPv4
  • IPv6
The source IP
  • 100.100.100.100
  • 18.162.103.100
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • undefined
  • undefined
srcLocation
-
-
The source country
  • Japan
  • undefined
srcZone
-
-
The source zone of the Palo Alto Networks firewall session
  • LAB-Small
  • undefined
sslCertCommonName
-
  • DomainName
  • HostDomain
The certificate common name
  • *.www.yahoo.com
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertFingerprint
-
-
The certificate fingerprint
  • 3914af80223c833f26df001cbf342eff8a31aba1
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertIssuer
-
-
The issuer of the certificate
  • /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertSANs
-
-
The Subject Alternative Name of the certificate
  • *.www.yahoo.com
  • add.my.yahoo.com
  • au.yahoo.com
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertSerialNumber
-
-
The certificate serial number
  • 0888b1ad2a593310593f47565a5a5a4a
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertValidFrom
-
-
The certificate validity start time
  • 2014-11-21T02:43:28
  • Deep Discovery Inspector
  • Virtual Network Sensor
sslCertValidUntil
-
-
The certificate validity end time
  • 2018-11-21T02:43:28
  • Deep Discovery Inspector
  • Virtual Network Sensor
status
-
-
The network analysis flow session status
  • 2
  • Deep Discovery Inspector
  • Virtual Network Sensor
subLocationId
-
-
The sub-location ID
  • -
  • lz-0abcd123efg4567h
  • op-0abcd123efg4567h
  • wz-0abcd123efg4567h
  • undefined
subLocationType
-
-
The sub-location type
  • wavelength
  • outpost
  • localzone
  • undefined
subnetId
-
-
The subnet ID
  • subnet-aaaaaaaa012345678
  • undefined
suid
-
  • UserAccount
The user name or IP address (IPv4)
  • Millie Hutchinson
  • 18.162.103.100
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
suser
-
  • EmailSender
The email sender
  • P1234567_C12345@12345.com.tw
  • Deep Discovery Inspector
  • Virtual Network Sensor
tags
-
  • Technique
The detected technique ID based on the alert filter
  • MITREV9.T1057
  • MITREV9.T1059.003
  • XSAE.F2924
  • Security Analytics Engine
tcpFlags
-
-
The bitmask value of the FIN/SYN/RST/SYN-ACK TCP flags
  • 1
  • 2
  • 4
  • 18
  • undefined
tlsJA3Fingerprint
-
-
The JA3 fingerprint
-
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
tlsJA3SFingerprint
-
-
The raw JA3S
  • 771,157,65281-15
  • Deep Discovery Inspector
  • Virtual Network Sensor
tlsSelectedCipher
-
-
The selected cipher of the TLS protocol
  • c02f
  • Deep Discovery Inspector
  • Virtual Network Sensor
trafficPath
-
-
The egress traffic path number
  • 1
  • 2
  • 8
  • undefined
trafficType
-
-
The traffic type
  • Forward
  • Zero Trust Secure Access - Internet Access
userDepartment
-
-
The user department request method
  • Sales
  • Zero Trust Secure Access - Internet Access
userDomain
-
  • DomainName
  • AccountDomain
The Microsoft Entra ID domain or the domain of the Trend Micro Anti-Spam administrator portal user name
  • etlsystems.com
  • Zero Trust Secure Access - Internet Access
  • Deep Discovery Inspector
  • Virtual Network Sensor
uuid
-
-
The unique key of the log
  • 00008a58-5c57-46b2-ad06-335035989d08
  • 0000ca1e-abfa-4013-9213-2dcf5cf1c4d0
  • 0001469c-dc16-469f-8e44-3d02d2057250
  • Security Analytics Engine
vpcId
-
-
The VPC ID
  • vpc-abcdefab012345678
  • undefined
vsysName
-
-
The Palo Alto Networks virtual system of the session
  • vsys1
  • undefined