HIP Match EMAIL Fields
Focus
Focus
Strata Logging Service

HIP Match EMAIL Fields

Table of Contents

HIP Match EMAIL Fields

Example HIP Match log in EMAIL:
TimeReceived=2021-02-23T02:44:43.000000Z DeviceSN=xxxxxxxxxxxxx LogType=HIPMATCH Subtype= ConfigVersion= TimeGenerated=2021-02-23T02:44:43.000000Z SourceUser="xxxxx\xxxxx xxxxx" VirtualLocation=vsys1 EndpointDeviceName=machine_name1 EndpointOSType=iOS SourceIP=xxxxxxxxxxxx HipMatchName=match_name1 CountOfRepeats=1 HipMatchType=HIP Profile SequenceNo=6711379990526558208 DGHierarchyLevel1=12 DGHierarchyLevel2=0 DGHierarchyLevel3=0 DGHierarchyLevel4=0 VirtualSystemName= DeviceName=PA-5220 VirtualSystemID=1 SourceIPv6=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx HostID=e777947f-d92e-4815-9222-89438203bc2b EndpointSerialNumber=xxxxxxxxxxxxxx SourceDeviceCategory= SourceDeviceProfile= SourceDeviceModel= SourceDeviceVendor= SourceDeviceOSFamily= SourceDeviceOSVersion= SourceDeviceMac= SourceDeviceHost= Source= TimestampDeviceIdentification= TimeGeneratedHighResolution=2019-07-25T23:30:12.000000Z
The following table identifies the HIP Match field names that the Log Forwarding app uses when you forward logs using the EMAIL log format.
EMAIL Name
Query Name
ConfigVersion
CountOfRepeats
TenantID
DGHierarchyLevel1
DGHierarchyLevel2
DGHierarchyLevel3
DGHierarchyLevel4
EndpointDeviceName
EndpointOSType
EndpointSerialNumber
HipMatchName
HipMatchType
HostID
IsDuplicateLog
LogExported
LogForwarded
IsPrismaNetworks
IsPrismaUsers
LogSource
LogSourceGroupID
DeviceSN
DeviceName
LogSourceTimeZoneOffset
TimeReceived
LogType
PanoramaSN
PlatformType
SequenceNo
Source
SourceDeviceCategory
SourceDeviceClass
SourceDeviceHost
SourceDeviceMac
SourceDeviceModel
SourceDeviceOS
SourceDeviceOSFamily
SourceDeviceOSVersion
SourceDeviceProfile
SourceDeviceVendor
SourceIP
SourceIPv6
SourceUser
SourceUserDomain
SourceUserName
SourceUserUUID
Subtype
TimeGenerated
TimeGeneratedHighResolution
TimestampDeviceIdentification
UUID
VendorName
VirtualLocation
VirtualSystemID
VirtualSystemName