Kaspersky Automated Security Awareness Platform response
Event field name | Field value |
DeviceAction |
|
DeviceFacility |
|
EventOutcome |
|
Message | Description of the error, if an error occurred, otherwise the field is empty. |
SourceTranslatedAddress | This field contains the value of the HTTP header x-real-ip or x-forwarded-for. If these headers are absent, the field will be empty. |
SourceAddress | The address from which the user logged in. If the user logged in using a proxy, there will be a proxy address. |
SourcePort | Port from which the user logged in. If the user logged in using a proxy, there will be a port on the proxy side. |
SourceUserName | Login of the user who sent the request. |
SourceUserID | ID of the user who sent the request. |
DeviceCustomString1 | The manager of the user to whom the course is assigned. |
DeviceCustomString1Label |
|
DeviceCustomString3 | Information about the group where the user belonged. Not available for |
DeviceCustomString3Label |
|
DeviceCustomString4 | Information about the group where the user was added. |
DeviceCustomString4Label |
|
DeviceCustomString5 | Tenant ID. |
DeviceCustomString5Label |
|
DeviceCustomString6 | Tenant name. |
DeviceCustomString6Label |
|
DestinationUserID | ID of the Active Directory user account which causes the response. |
DestinationUserName | Account name (sAMAccountName). |
DestinationNtDomain | Domain of the Active Directory user account which causes the response. |