Page Comparison

eventdate

timestamp

machine

str

level

str

vlevel

severity

int4

priority

eventId

int8

action

str

action1

direction

str

direction_calculated

direction_parsed

action_type

str

protocol

str

protocol1

ifaceIn

str

srcIp

ip4

srcIp_ip6

ip6

srcIp_str

str

srcPort

int4

srcMac

str

srcMappedIp

ip4

srcMappedIp_ip6

ip6

srcMappedIp_str

str

ifaceOut

str

dstIp

ip4

dstIp_ip6

ip6

dstIp_str

str

dstPort

int4

dstMappedIp

ip4

dstMappedIp_ip6

ip6

dstMappedIp_str

str

type

int4

code

int4

aclId

str

connId

str

duration

str

bytes

int8

bytesXmt

int8

bytesRcv

int8

reason

str

srcXIp

ip4

srcXIp_ip6

ip6

srcXIp_str

str

srcXPort

int4

dstXIp

ip4

dstXIp_ip6

ip6

dstXIp_str

str

dstXPort

int4

hitCnt

int4

hitInterval

str

hashCodes

str

fwUserIn

str

fwUserOut

str

user

str

userIP

ip4

userIP_ip6

ip6

userIP_str

str

tcpFlags

str

srcSeqId

int4

dstXSeqId

int4

dstSeqId

int4

icmpType

int4

icmpCode

int4

ipaddr

ip4

ipaddr_ip6

ip6

ipaddr_str

str

connection

str

dap_details

str

ipOptions

str

accelType

str

errorMessage

str

usrName

str

fromLevel

int4

toLevel

int4

service

str

authAction

str

sessionType

str

group

str

groupPolicy

str

message

str

running

str

executed

str

server

ip4

server_ip6

ip6

server_str

str

publicIp

ip4

publicIp_ip6

ip6

publicIp_str

str

assignedIp

ip4

assignedIpv4

assignedIp_ip6

ip6

assignedIpv6

assignedIp_str4

str

assignedIp_str6

str

filename

str

userAgent

str

Object

str

currentBurstRate

int8

currentBurstMaxRate

int8

currentAverageRate

int8

currentAverageMaxRate

int8

cumulativeTotal

int8

block_size

int4

free_blocks

int4

max_blocks

int4

attrName

str

attrValue

str

size

int4

offset

int4

device

str

moduleId

str

appName

str

appVersion

str

state

str

connectionsInUse

int4

connectionsMostUsed

int4

url

str

numTries

int4

limitType

str

limitBytes

int8

hdrLen

int8

pktLen

int8

sessionNumber

int4

peerType

str

trustPoint

str

identityIp

ip4

identityIp_ip6

ip6

identityIp_str

str

remote_proxy

ip4

remote_proxy_ip6

ip6

remote_proxy_str

str

bay_number

str

serial_number

str

subject_name

str

cert_type

str

cert_name

str

expiration_date

str

issuer_name

str

pool

str

local_host

str

local_host_port

int4

remote_host

str

remote_host_port

int4

local_traffic_selector

str

local_traffic_protocol

str

local_traffic_port_range

str

remote_traffic_selector

str

remote_traffic_protocol

str

remote_traffic_port_range

str

session_id

str

attribute

str

ip6addr

str

hostOS

str

hostClient

str

luType

str

rawBrand

str

rawPhylum

str

rawFamily

str

rawGenus

str

rawSpecies

str

rawHostName

str

rawHostIp

str

✓

rawMessage

str

hostchain

str

✓

tag

str

✓

eventdate

timestamp

machine

str

level

str

vlevel

protocol

str

srcIp

ip4

origClientIp

str

dstIp

ip4

srcPort

str

dstPort

str

icmpType

str

icmpCode

str

tcpFlags

str

ifaceIn

str

ifaceOut

str

priority

str

de

str

policy

str

gid

str

sid

str

revision

str

message

str

impact

str

hostname

str

timestamp

timestamp

classification

str

connType

str

accessControlRuleName

str

accessControlRuleAction

str

prefilterPolicy

str

usrName

str

userAgent

str

clientName

str

clientVersion

str

applicationProtocol

str

initiatorPackets

int4

responderPackets

int4

initiatorBytes

int8

responderBytes

int8

acPolicy

str

napPolicy

str

dnsQuery

str

dnsRecordType

str

dnsResponseType

str

dnsTTL

int4

sinkhole

str

httpResponse

str

httpReferer

str

referencedHost

str

urlCategory

str

urlReputation

str

url

str

hostchain

str

✓

tag

str

✓

rawMessage

str

rawSource

✓

eventdate

timestamp

hostname

str

level

str

vlevel

process

str

sender

str

user_name

str

user_ip

str

subsystem

str

action

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

level

str

vlevel

message

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

level

str

vlevel

process

str

message

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

hostname

str

level

str

vlevel

process

str

message

str

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

eventdate

timestamp

recordType

int4

recordLength

int4

archiveTimestamp

timestamp

checksum

int4

deviceId

int4

legacyIpAddress

str

macAddress

str

hasIpv6

int4

eventSecond

int4

eventMicrosecond

int4

eventType

int4

eventSubtype

int4

ipv6Address

str

blockType

int4

blockLength

int4

ingressZone

str

egressZone

str

ingressInterface

str

egressInterface

str

initiatorIpAddress

str

responderIpAddress

str

policyRevision

str

ruleId

int8

ruleAction

int4

ruleReason

int4

initiatorPort

int4

responderPort

int4

tcpFlag

int4

protocol

int4

netflowSource

str

instanceId

int4

connectionCounter

int4

firstPacketTimestamp

timestamp

lastPacketTimestamp

timestamp

initiatorTransmittedPackets

int4

responderTransmittedPackets

int4

initiatorTransmittedBytes

int4

responderTransmittedBytes

int4

userId

int8

applicationId

int4

urlCategory

int4

urlReputation

int4

clientApplicationId

int4

webApplicationId

int4

clientUrl__blockType

int4

clientUrl__blockLength

int4

clientUrl__data

str

netbios__blockType

int4

netbios__blockLength

int4

netbios__data

str

clientApplicationVersion__blockType

int4

clientApplicationVersion__blockLength

int4

clientApplicationVersion__data

str

monitorRule1

int8

monitorRule2

int4

monitorRule3

int4

monitorRule4

int4

monitorRule5

int4

monitorRule6

int4

monitorRule7

int4

monitorRule8

int4

securityIntelligenceSourceDestination

int4

securityIntelligenceLayer

int4

fileEventCount

int4

intrusionEventCount

int4

initiatorCountry

int4

responderCountry

int4

iocNumber

int4

sourceAutonomousSystem

int4

destinationAutonomousSystem

int4

snmpIn

int4

snmpOut

int4

sourceTos

int4

destinationTos

int4

sourceMask

int4

destinationMask

int4

securityContext

str

vlanId

int4

referencedHost__blockType

int4

referencedHost__blockLength

int4

referencedHost__data

str

userAgent__blockType

int4

userAgent__blockLength

int4

userAgent__data

str

httpReferrer__blockType

int4

httpReferrer__blockLength

int4

httpReferrer__data

str

sslCertificateFingerprint

str

sslPolicyId

str

sslRuleId

int4

sslCipherSuite

int4

sslVersion

int4

sslServerCertificateStatus

int4

sslActualAction

int4

sslExpectedAction

int4

sslFlowStatus

int4

sslFlowError

int4

sslFlowMessages

int4

sslFlowFlags

int4

sslServerName__blockType

int4

sslServerName__blockLength

int4

sslServerName__data

str

sslUrlCategory

int4

sslSessionId

str

sslSessionIdLength

int4

sslTicketId

str

sslTicketIdLength

int4

networkAnalysisPolicyRevision

str

endpointProfileId

int4

securityGroupId

int4

locationIpv6

str

httpResponse

int4

dnsQuery__blockType

int4

dnsQuery__blockLength

int4

dnsQuery__data

str

dnsRecordType

int4

dnsResponseType

int4

dnsTtl

int4

sinkholeUuid

str

securityIntelligenceList1

int4

securityIntelligenceList2

int4

at_computed__recordTypeCategory

str

at_computed__recordTypeDescription

str

at_computed__transportProtocol

str

at_computed__webApplication

str

at_computed__clientApplication

str

at_computed__applicationProtocol

str

at_computed__securityIntelligenceIp

str

at_computed__securityIntelligenceEvent

str

at_computed__urlCategory

str

at_computed__urlReputation

str

at_computed__firewallRule

str

at_computed__firewallRuleAction

str

at_computed__firewallRuleReason

str

at_computed__firewallPolicy

str

at_computed__ingressInterface

str

at_computed__egressInterface

str

at_computed__ingressSecurityZone

str

at_computed__egressSecurityZone

str

at_computed__sourceIpCountry

str

at_computed__destinationIpCountry

str

at_computed__user

str

at_computed_dnsRecordName

str

at_computed_dnsRecordDescription

str

at_computed__sslActualAction

str

at_computed__sslExpectedAction

str

at_computed__sslFlowStatus

str

at_computed__sslServerCertificateStatus

str

at_computed__sslCipherSuite

str

at_computed__sslVersion

str

at_computed__monitorRule1

str

at_computed__monitorRule2

str

at_computed__monitorRule3

str

at_computed__monitorRule4

str

at_computed__monitorRule5

str

at_computed__monitorRule6

str

at_computed__monitorRule7

str

at_computed__sensor

str

at_computed__eventDescription

str

at_computed__eventSecond

timestamp

at_computed__eventDateTime

timestamp

hostchain

str

 ✓

tag

str

 ✓

rawMessage

str

 ✓

eventdate

timestamp

recordType

int4

recordLength

int4

correlationPolicyId

int4

nameLength

int4

name

str

descriptionLength

int4

description

str

uuid

int4

revisionUuid

int4

correlationBlockType

int4

correlationBlockLength

int4

deviceId

int4

eventSecond

int4

eventId

int4

policyId

int4

ruleId

int4

priority

int4

stringBlockType

int4

stringBlockLength

int4

eventType

int4

eventDeviceId

int4

signatureId

int4

signatureGeneratorId

int4

eventMicrosecond

int4

eventDefinedMask

str

eventImpactFlags

str

ipProtocol

int4

networkProtocol

int4

sourceIpAddress

str

sourceHostType

int4

sourceVlanId

int4

sourceOsFingerprintUuid

int4

sourceCriticality

int4

sourceUserId

int4

sourcePort

int4

sourceServerId

int4

destinationIpAddress

str

destinationHostType

int4

destinationVlanId

int4

destinationOsFingerprintUuid

int4

destinationCriticality

int4

destinationUserId

int4

destinationPort

int4

destinationServiceId

int4

blocked

int4

ingressInterfaceUuid

int4

egressInterfaceUuid

int4

ingressZoneUuid

int4

egressZoneUuid

int4

sourceIpv6Address

str

destinationIpv6Address

str

hostchain

str

 ✓

tag

str

 ✓

rawMessage

str

 ✓

eventdate

timestamp

recordType

int4

recordLength

int4

intrusionImpactAlertBlockType

int4

intrusionImpactAlertBlockLength

int4

eventId

int4

deviceId

int4

eventSecond

int4

impact

str

sourceIpAddress

str

destinationIpAddress

str

stringBlockType

int4

stringBlockType_str

str

stringBlockType

stringBlockLength

int4

description

str

eventExtraDataDataBlockType

int4

eventExtraDataDataBlockLength

int4

type

int4

blobBlockType

int4

length

int4

extraData

str

correlationBlockType

int4

correlationBlockLength

int4

policyId

int4

ruleId

int4

priority

int4

eventType

int4

eventDeviceId

int4

signatureId

int4

signatureGeneratorId

int4

eventMicrosecond

int4

eventDefinedMask

str

eventImpactFlags

str

ipProtocol

int4

networkProtocol

int4

sourceHostType

int4

sourceVlanId

int4

sourceOsFingerprintUuid

int4

sourceCriticality

int4

sourceUserId

int4

sourcePort

int4

sourceServerId

int4

destinationHostType

int4

destinationVlanId

int4

destinationOsFingerprintUuid

int4

destinationCriticality

int4

destinationUserId

int4

destinationPort

int4

destinationServiceId

int4

blocked

int4

intrusionPolicy

int4

ruleAction

int4

netbiosDomain

str

urlCategory

int4

urlReputation

int4

url

str

clientId

int4

clientVersion

str

accessControlPolicyRevision

int4

accessControlRuleId

int4

ingressInterfaceUuid

int4

egressInterfaceUuid

int4

ingressZoneUuid

int4

egressZoneUuid

int4

sourceIpv6Address

str

destinationIpv6Address

str

sourceCountry

int4

destinationCountry

int4

securityIntelligenceUuid

int4

securityContext

int4

sslPolicyId

int4

sslRuleId

int4

sslActualAction

int4

sslFlowStatus

int4

sslCertificateFingerprint

int4

ampforEndpointsFileTypeId

int4

ampforEndpointsFileTypeLength

int4

ampforEndpointsFileType

str

uuidStringDataBlockType

int4

uuidStringDataBlockLength

int4

sinkholeUuid

int4

sinkholeNameLength

int4

sinkholeName

str

accessControlPolicyMetadataBlockType

int4

accessControlPolicyMetadataBlockLength

int4

accessControlPolicyUuid

int4

sensorId

int4

name

str

accessControlRuleReasonBlockType

int4

accessControlRuleReasonBlockLength

int4

prefilterPolicyUuid

int4

archiveTimestamp

timestamp

checksum

int4

blockType

str

blockLength

int4

uuid

str

description_object

json

name_object

json

computed

json

hostchain

str

 ✓

tag

str

 ✓

rawMessage

str

 ✓

eventdate

timestamp

hostname

str

recordType

int4

recordLength

int4

archiveTimestamp

timestamp

checksum

int4

blockType

int4

blockLength

int4

deviceId

int4

connectionInstance

int4

connectionCounter

int4

connectionTimestamp

timestamp

fileEventTimestamp

timestamp

sourceIpAddress

str

destinationIpAddress

str

disposition

int4

speroDisposition

int4

fileStorageStatus

int4

fileAnalysisStatus

int4

localMalwareAnalysisStatus

int4

archiveFileStatus

int4

threatScore

int4

action

int4

shaHash

str

fileTypeId

int4

fileName__blockType

int4

fileName__blockLength

int4

fileName__data

str

fileSize

int4

direction

int4

applicationId

int4

userId

int8

uri__blockType

int4

uri__blockLength

int4

uri__data

str

signature__blockType

int4

signature__blockLength

int4

signature__data

str

sourcePort

int4

destinationPort

int4

protocol

int4

accessControlPolicyUuid

str

sourceCountry

int4

destinationCountry

int4

webApplicationId

int4

clientApplicationId

int4

securityContext

str

sslCertificateFingerprint

str

sslActualAction

int4

sslFlowStatus

int4

archiveSha__blockType

int4