>
    HIP Match EMAIL Fields
    Focus
    Download PDF
    Focus
    1. Home
    2. Strata Logging Service
    3. Network Logs
    4. HIP Match
    5. HIP Match EMAIL Fields
    Download PDF
    Strata Logging Service

    HIP Match EMAIL Fields

    Table of Contents

    HIP Match EMAIL Fields

    Example HIP Match log in EMAIL: 
    TimeReceived=2021-02-23T02:44:43.000000Z
DeviceSN=xxxxxxxxxxxxx
LogType=HIPMATCH
Subtype=
ConfigVersion=
TimeGenerated=2021-02-23T02:44:43.000000Z
SourceUser="xxxxx\xxxxx xxxxx"
VirtualLocation=vsys1
EndpointDeviceName=machine_name1
EndpointOSType=iOS
SourceIP=xxxxxxxxxxxx
HipMatchName=match_name1
CountOfRepeats=1
HipMatchType=HIP Profile
SequenceNo=6711379990526558208
DGHierarchyLevel1=12
DGHierarchyLevel2=0
DGHierarchyLevel3=0
DGHierarchyLevel4=0
VirtualSystemName=
DeviceName=PA-5220
VirtualSystemID=1
SourceIPv6=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
HostID=e777947f-d92e-4815-9222-89438203bc2b
EndpointSerialNumber=xxxxxxxxxxxxxx
SourceDeviceCategory=
SourceDeviceProfile=
SourceDeviceModel=
SourceDeviceVendor=
SourceDeviceOSFamily=
SourceDeviceOSVersion=
SourceDeviceMac=
SourceDeviceHost=
Source=
TimestampDeviceIdentification=
TimeGeneratedHighResolution=2019-07-25T23:30:12.000000Z
    The following table identifies the HIP Match field names that the Log Forwarding app uses when you forward logs using the EMAIL log format.
    EMAIL Name
    Query Name
    ConfigVersion
    config_version.​value
    CountOfRepeats
    count_of_repeats
    TenantID
    customer_id
    DGHierarchyLevel1
    dg_hier_level_1
    DGHierarchyLevel2
    dg_hier_level_2
    DGHierarchyLevel3
    dg_hier_level_3
    DGHierarchyLevel4
    dg_hier_level_4
    EndpointDeviceName
    endpoint_device_name
    EndpointOSType
    endpoint_os_type
    EndpointSerialNumber
    endpoint_serial_number
    HipMatchName
    hip_match_name
    HipMatchType
    hip_match_type.​value
    HostID
    host_id
    IsDuplicateLog
    is_dup_log
    LogExported
    is_exported
    LogForwarded
    is_forwarded
    IsPrismaNetworks
    is_prisma_branch
    IsPrismaUsers
    is_prisma_mobile
    LogSource
    log_source
    LogSourceGroupID
    log_source_group_id
    DeviceSN
    log_source_id
    DeviceName
    log_source_name
    LogSourceTimeZoneOffset
    log_source_tz_offset
    TimeReceived
    log_time
    LogType
    log_type.​value
    PanoramaSN
    panorama_serial
    PlatformType
    platform_type
    SequenceNo
    sequence_no
    Source
    source
    SourceDeviceCategory
    source_device_category
    SourceDeviceClass
    source_device_class
    SourceDeviceHost
    source_device_host
    SourceDeviceMac
    source_device_mac
    SourceDeviceModel
    source_device_model
    SourceDeviceOS
    source_device_os
    SourceDeviceOSFamily
    source_device_osfamily
    SourceDeviceOSVersion
    source_device_osversion
    SourceDeviceProfile
    source_device_profile
    SourceDeviceVendor
    source_device_vendor
    SourceIP
    source_ip.​value
    SourceIPv6
    source_ip_v6.​value
    SourceUser
    source_user
    SourceUserDomain
    source_user_info.​domain
    SourceUserName
    source_user_info.​name
    SourceUserUUID
    source_user_info.​uuid
    Subtype
    sub_type.​value
    TimeGenerated
    time_generated
    TimeGeneratedHighResolution
    time_generated_high_res
    TimestampDeviceIdentification
    timestamp_device_identification
    UUID
    uuid
    VendorName
    vendor_name
    VirtualLocation
    vsys
    VirtualSystemID
    vsys_id
    VirtualSystemName
    vsys_name

    © 2024 Palo Alto Networks, Inc. All rights reserved.