Log message by type

securityevent > av

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96530 | warning | av | action | Found virus |

| Field | Field Description | Field Type |
|---|---|---|
| action | block or monitor | string |
| file | file location | string |
| virus | virus name | string |
| sigid | signature id | string |
| from | email from | string |
| to | email to | string |
| service | network protocol | string |
| vpn | vpn tunnel name | string |
| filesize | file size | int |
| checksum | file crc32 checksum | int |
| detectedby | the security feature that detected virus | enumeration string |
| detectedin | where the virus is detected | enumeration string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96531 | warning | av | warning | Found malware |

| Field | Field Description | Field Type |
|---|---|---|
| action | block or monitor | string |
| file | file location | string |
| virus | virus name | string |
| viruscat | virus category | string |
| sigid | signature id | string |
| filesize | file size | int |
| checksum | file crc32 checksum | int |
| detectedby | the security feature that detected virus | enumeration string |
| detectedin | where the virus is detected | enumeration string |

securityevent > vulnerabilityscan

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96521 | info | vulnerabilityscan | status | A vulnerability scan result has been logged |

| Field | Field Description | Field Type |
|---|---|---|
| vulnid | id of the vulnerability | int |
| vulnname | name of the vulnerability | string |
| vulnseverity | severity level | string |
| vulncat | category | string |
| vulncvss | cvss score | string |
| vulnref | reference of the vulnerability | string |
| vulnengine | engine version | string |
| vulnsignature | signature version | string |
| vulnproducts | name of the vulnerable product | string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96522 | info | vulnerabilityscan | status | Applying patch for vulnerability found |

| Field | Field Description | Field Type |
|---|---|---|
| vulnid | id of the vulnerability | int |
| vulnname | name of the vulnerability | string |
| vulnseverity | severity level | string |
| vulncat | category | string |
| vulncvss | cvss score | string |
| vulnref | reference of the vulnerability | string |
| vulnengine | engine version | string |
| vulnsignature | signature version | string |
| vulnproducts | name of the vulnerable product | string |

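systemevent > endpoint

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96953 | info | endpoint | status | Endpoint Control Status Changed |

| Field | Field Description | Field Type |
|---|---|---|
| eponlinest | online status | enumeration string |
| epplace | EP place | enumeration string |
| emshostname | EMS host name | string |
| status | status description | string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96955 | info | endpoint | status | Endpoint Control Registration Status Changed |

| Field | Field Description | Field Type |
|---|---|---|
| emshostname | EMS host name | string |
| status | status description | string |
| emsip | EMS IP | string |
| fctip | FCT IP | string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96956 | info | endpoint | status | Endpoint Quarantine Status Changed |

| Field | Field Description | Field Type |
|---|---|---|
| epmgmtst | management status | enumeration string |
| epquarmsg | quarantine message | string |
| emshostname | EMS host name | string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96957 | info | endpoint | status | Endpoint Ext Log to FAZ |

| Field | Field Description | Field Type |
|---|---|---|
| epfeatures | installed features list | string |
| epenfeatures | enabled features list | string |
| ephbemsduration | EMS heart beat duration | int |
| ephbemslast | EMS heart beat last time | string |
| emshostname | EMS host name | string |

| Log ID | Level | Sub Type | Event Type | Message |
|---|---|---|---|---|
| 96958 | info | endpoint | status | User social media information |

| Field | Field Description | Field Type |
|---|---|---|
| social_email | social email | string |
| social_phone | social phone number | string |
| social_srvc | social service | string |
| social_user | social user name | string |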
