Response via KICS for Networks
Event field name | Field value |
DeviceAction |
|
DeviceFacility |
|
EventOutcome |
|
SourceTranslatedAddress | This field contains the value of the HTTP header x-real-ip or x-forwarded-for. If these headers are absent, the field will be empty. |
SourceAddress | The address from which the user logged in. If the user logged in using a proxy, there will be a proxy address. |
SourcePort | Port from which the user logged in. If the user logged in using a proxy, there will be a port on the proxy side. |
SourceUserName | Login of the user who sent the request. |
SourceUserID | ID of the user who sent the request. |
DeviceCustomString3 | Response rule name: |
DeviceCustomString3Label |
|
DeviceCustomString5 | Tenant ID. |
DeviceCustomString5Label |
|
DeviceCustomString6 | Tenant name. |
DeviceCustomString6Label |
|
DeviceExternalID | Asset ID. |
SourceHostName | Asset FQDN. |
Name | Asset name. |
DeviceCustomString1 | List of IP addresses for the asset. |
DeviceCustomString1Label |
|