tm-v1-schema

Trend Micro Web Security

Layer: Network

This documentation provides detailed information about all fields available for Trend Micro Web Security.

Field Name Type Searchable General Field Description Example Products
act dynamic true - The actions taken to mitigate the event
  • log
  • isolate
  • terminate
  • not blocked
  • Block
  • No action
  • Reset
  • Pass
  • User Decision
  • Trend Vision One Container Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Cloud App Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Micro Email Security
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Zero Trust Secure Access - Private Access
  • Email Sensor
  • Trend Vision One Mobile Security
  • Mobile Network Security
  • Agentless Vulnerability & Threat Detection
aggregatedCount string true - The number of aggregated events
  • 1
  • 2
  • 3
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • TippingPoint Security Management System
  • Trend Micro Web Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • TXOne StellarOne
  • Data Detection and Response
  • Trend Cloud One - Endpoint & Workload Security
application string true - The name of the requested application
  • HyperText Transfer Protocol
  • DoubleClick
  • The Secure HyperText Transfer Protocol
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Trend Micro Apex One as a Service
detectionType string true - The detection type
  • 1
  • File
  • Process
  • net
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Web Security
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Micro Deep Security
  • Trend Micro Email Security
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Zero Trust Secure Access - Private Access
  • Trend Vision One Container Security
logKey string true - The unique key of the event
  • 123e4567-e89b-12d3-a456-426614174000
  • 987f6543-21ba-43cd-9e8f-123456789abc
  • 456789ab-cdef-1234-5678-9abcdef01234
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
malName string true - The name of the detected malware
  • SecurityLevelDrop
  • Regla Logs All
  • USR_SUSPICIOUS_DOMAIN.UMXX
  • Trend Micro Apex One as a Service
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Deep Security
  • Trend Micro Web Security
  • TXOne StellarOne
  • Email Sensor
  • File Security
  • File Security Storage
  • Agentless Vulnerability & Threat Detection
  • Trend Vision One Container Security
pname string true - The internal product ID
  • Trend Micro Deep Security
  • Deep Discovery Inspector
  • Apex One
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • Trend Vision One Mobile Security
  • Trend Vision One Container Security
  • Email Sensor
policyName string true - The name of the triggered policy
  • Steelcase
  • Cabot
  • Tigre - Medium Policy
  • apiPostedPolicy
  • Trend Micro Apex One as a Service
  • Trend Micro Cloud App Security
  • Trend Micro Web Security
  • Trend Micro Email Security
  • Zero Trust Secure Access - Internet Access
  • TXOne EdgeOne
  • Trend Vision One Container Security
  • Mobile Network Security
principalName string true - The user principal name used to sign in to the proxy sample_email@trendmicro.com
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
  • Trend Micro Cloud App Security
  • Zero Trust Secure Access - Private Access
profile string true - The name of the triggered Threat Protection template or Data Loss Prevention profile
  • Primary Protection Rule
  • Multibak Scaner Threat
  • default
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
requestBase string true
  • DomainName
  • HostDomain
 The domain of the request URL
  • weather.service.msn.com
  • test.domain.com
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
rt string false - The Unix time of the log generation 1656324260000
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Security
  • Trend Micro Cloud App Security
  • Trend Micro Email Security
  • TippingPoint Security Management System
  • Endpoint Sensor
  • Trend Micro Web Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
  • Zero Trust Secure Access - Private Access
  • Email Sensor
sender string true - The roaming users or the gateway where the web traffic passed
  • test user
  • VE C&W - 10.10.10.10
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
suid string true UserAccount User name or mailbox
  • root
  • US EXAMPLE\TEST
  • sample_email@trendmicro.com
  • Trend Cloud One - Endpoint & Workload Security
  • Trend Micro Cloud App Security
  • Trend Micro Apex One as a Service
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Web Security
  • Trend Micro Deep Security
  • Trend Cloud One - Network Security
  • Zero Trust Secure Access - Internet Access
urlCat dynamic true - The requested URL category
  • Untested
  • 158
  • Web Advertisement
  • Trend Micro Deep Discovery Inspector
  • Network Sensor
  • Trend Micro Web Security
  • Trend Micro Apex One as a Service
  • Zero Trust Secure Access - Internet Access
  • Trend Micro Cloud App Security
  • Trend Vision One Mobile Security
  • Trend Cloud One - Endpoint & Workload Security
userDepartment string true - User department
  • Operations
  • BANCA CONSTRUCCION
  • CONTACT CENTER
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access
userDomain string true
  • EndpointName
  • DomainName
  • AccountDomain
 The user domain
  • example.com.pa
  • DOMAIN
  • Trend Micro Apex One as a Service
  • Trend Micro Web Security
  • Zero Trust Secure Access - Internet Access

Field Statistics

Generated by XDR Common Schema Public Doc Generator V2

This site is open source. Improve this page.