HIP Match Syslog Default Field Order

Table of Contents

HIP Match Syslog Default Field Order

Example HIP Match log in Syslog:

Oct 12 21:42:57 gke-standard-cluster-2-pool-1-6ea9f13a-moqf 592 <142>1 2020-10-12T21:42:56.982Z stream-logfwd20-156653024-10121421-eq28-harness-16kn logforwarder - panwlogs - 1,2020-10-12T21:42:51.000000Z,007051000113358,HIPMATCH,hipmatch,10.0,2020-10-12T21:31:20.000000Z,paloaltonetwork\xxxxx,vsys1,machine_name2,Windows,::105:505:ffff:0,match_name1,16777216,HIP Object,,,343827467,-9223372036854775808,0,0,0,0,,PA-VM,1,7856:26e4:0:80fe:2983:1efe:ffb3:2b2,78:22:be:12:55:76,serial 0202020202,2,profile_list-2,5 Plus,Samsung,osfamily_list-2,osversion_list-2,6c258d1d8347b658,devhost_list-0,source-3,1996-06-22T05:27:59.000000Z,2020-10-12T21:31:21.110000Z

The following identifies the default field order for filters migrated from an earlier version of the log forwarding application. For log filters created after that migration, you specify the field order when you create a log filter by specifying the columns you want to receive.

The fields are identified in the default order that they appear in each log line.

HIP Match

HIP Match CEF Fields

Strata Logging Service Docs

HIP Match Syslog Default Field Order

Strata Logging Service Docs

HIP Match Syslog Default Field Order

Activation & Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner