Event field name |
Field value |
DeviceAction |
|
EventOutcome |
|
SourceTranslatedAddress |
This field contains the value of the HTTP header x-real-ip or x-forwarded-for. If these headers are absent, the field will be empty. |
SourceAddress |
The address from which the user logged in. If the user logged in using a proxy, there will be a proxy address. |
SourcePort |
Port from which the user logged in. If the user logged in using a proxy, there will be a port on the proxy side. |
SourceUserName |
Login of the user who makes the changes. |
SourceUserID |
ID of the user who makes the changes. |
DestinationUserName |
Login of the user for whom the changes are made. |
DestinationUserID |
ID of the user for whom the changes are made. |
DestinationUserPrivileges |
Role name. Available values: general admin, admin, analyst, operator. |
DeviceCustomString5 |
ID of the tenant used to assign the role. |
DeviceCustomString5Label |
|
DeviceCustomString6 |
Tenant name. |
DeviceCustomString6Label |
|