XDR for Cloud - Azure VNet Flow Logs
Layer: Cloud
This documentation provides detailed information about all fields available for XDR for Cloud - Azure VNet Flow Logs.
| Field Name | Type | Searchable | General Field | Description | Example | Products |
|---|---|---|---|---|---|---|
| dpt | int | true | Port | The service destination port of the private application server (dstport) | 443 | Zero Trust Secure Access - Private Access; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| dst | string | true | | The destination IP address (dstaddr) | 10.10.10.10 | Zero Trust Secure Access - Internet Access; Zero Trust Secure Access - Private Access; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| eventId | string | true | - | The event ID | | Network Sensor; Trend Micro Deep Discovery Inspector; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| eventName | string | true | - | The name of the log event | SWG_ACTIVITY_LOG; FIREWALL_ACTIVITY_LOG; VPC_ACTIVITY_LOG | Zero Trust Secure Access - Internet Access; Zero Trust Secure Access - Private Access; Trend Micro Deep Discovery Inspector; Network Sensor; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| eventTime | real | true | - | The time the agent or product detected the event | 1657135700000 | Zero Trust Secure Access - Internet Access; Zero Trust Secure Access - Private Access; Trend Micro Deep Discovery Inspector; Network Sensor; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| flowDirection | string | true | - | The network interface traffic direction | | XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| pname | string | true | - | The product name | Secure Web Gateway; XDR for Cloud - AWS VPC Flow Logs | Zero Trust Secure Access - Internet Access; Trend Micro Deep Discovery Inspector; Network Sensor; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| ruleName | string | true | - | The name of the triggered cloud access rule | ETL_Access Rules_Web_Host; block_wiki_for_guest; BlockHighRiskTCPPortsFromInternet; unspecified | Zero Trust Secure Access - Internet Access; Zero Trust Secure Access - Private Access; XDR for Cloud - Azure VNet Flow Logs |
| spt | int | true | Port | The virtual port of the source assigned to the Secure Access Module (srcport) | 57763 | Zero Trust Secure Access - Private Access; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| src | string | true | | The source IP address (srcaddr) | 10.10.10.10 | Zero Trust Secure Access - Internet Access; Zero Trust Secure Access - Private Access; XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |
| vpcFlowLogsVersion | int | false | - | The VPC Flow Logs version (version) | | XDR for Cloud - AWS VPC Flow Logs; XDR for Cloud - Azure VNet Flow Logs |

Field Statistics
- Total Fields: 11
- Layer: Cloud
- Product: XDR for Cloud - Azure VNet Flow Logs
Generated by XDR Common Schema Public Doc Generator V2