| Download BytesЕxt |
bytes_download |
Recommended |
Long |
The number of bytes downloaded from the source to the destination. |
| Upload BytesЕxt |
bytes_upload |
Recommended |
Long |
The number of bytes uploaded from the source to the destination. |
| Connection DirectionЕxt |
connection_direction_id |
Optional |
Integer |
The direction of the initiated connection.
| 0 | Unknown | Connection direction is unknown, for example as for a CLOSE operation. | |
| 1 | Inbound | Accepted an inbound connection | |
| 2 | Outbound | Initiated an outbound connection | |
|
| DirectionЕxt |
direction_id |
Optional |
Integer |
The direction of the initiated traffic.
| 0 | Unknown | Traffic direction is unknown, for example as for a CLOSE operation. | |
| 1 | Inbound | Accepted an inbound connection | |
| 2 | Outbound | Initiated an outbound connection | |
|
| Destination IP |
dst_ip |
Recommended |
IP Address |
The IP address of the destination network connection device. The format is either IPv4 or IPv6. |
| Destination LocationЕxt |
dst_location |
Optional |
Location |
Reports the location of the IP address to which the Web Security Service connected. |
| Destination MACЕxt |
dst_mac |
Optional |
String |
The MAC address of the destination network connection device. |
| Destination NameЕxt |
dst_name |
Optional |
String |
The host name of the destination network connection device. |
| Destination Port |
dst_port |
Recommended |
Integer |
The port number of the destination network connection. |
| Destination ServiceЕxt |
dst_service |
Optional |
String |
The destination network connection service name. |
| EtherTypeЕxt |
ether_type |
Optional |
Integer |
The EtherType indicates which protocol is encapsulated in the payload of an Ethernet frame. |
| HTTP StatusЕxt |
http_status |
Recommended |
Integer |
The HTTP status code returned to the client. |
| HTTP User-AgentЕxt |
http_user_agent |
Recommended |
String |
The request header that is used to identify the operating system and web browser. |
| LocalЕxt |
local |
Optional |
Boolean |
The indication of whether the connection is between two endpoints on the same device. For example, if Source IP (src_ip) and Destination IP (dst_ip) could be the same. |
| ProtocolЕxt |
protocol_id |
Optional |
Integer |
The network protocol as defined by RFC1340. For example: TCP=6 and UDP=17. |
| Protocol VersionЕxt |
protocol_version |
Optional |
Integer |
The version of the network protocol. |
| Request HeadersЕxt |
request_headers |
Optional |
JSON |
The additional information associated with and HTTP request. |
| Response HeadersЕxt |
response_headers |
Optional |
JSON |
The additional information associated with and HTTP response. |
| RPCЕxt |
rpc |
Optional |
Remote Procedure Call |
The RPC object that pertains to the network connection. |
| Source IP |
src_ip |
Recommended |
IP Address |
The IP address of the device that initiated the network connection. |
| Source LocationЕxt |
src_location |
Optional |
Location |
The location associated with the client IP address. |
| Source MACЕxt |
src_mac |
Optional |
String |
The MAC address of the device that initiated the network connection. |
| Source NameЕxt |
src_name |
Optional |
String |
The host name of the device that initiated the network connection. |
| Source Port |
src_port |
Recommended |
Integer |
The port number of the source device. |
| Source ServiceЕxt |
src_service |
Optional |
String |
The source network connection service name. |
| IANA Service NameЕxt |
svc_name |
Optional |
String |
The service name as defined by the Internet Assigned Numbers Authority (IANA). See Service Name and Transport Protocol Port Number Registry. |
| TCP FlagsЕxt |
tcp_flags |
Recommended |
Integer |
The network connection TCP header flags (i.e., control bits). |
| TLSЕxt |
tls |
Recommended |
TLS |
The Transport Layer Service attributes |
| Connection Unique IDЕxt |
uid |
Optional |
String |
The unique identifier of the connection. |
| URLЕxt |
url |
Optional |
Uniform Resource Locator |
The URL object that pertains to the network connection. |