event-guid

Globally unique ID (GUID) of the event.

event-part

Number of the part with information about the event.

event-total-parts

Total number of parts with information about the event.

user-ip

IP address of the computer from which the event was initiated. Can be in IPv4 or IPv6 format.

user-login

Login of the user that initiated the event, or user name of the user that initiated the event, from an external Active Directory or LDAP.

In case of failed authentication, only the local user login is logged. For SSO users, the key is recorded with an empty value.

user-roles

List of roles of the user that initiated the event.

If there are multiple roles, they are specified as a comma-separated list.

Empty value if the user has no roles.

user-account-type

Account type of the KSMG user that initiated the event.

event-result

Event result. Possible values: success, fail.