\{"time": "%s{time}", "recordid": %d{recordid}, "login": "%s{login}", "ehost": "%s{ehost}", "sip": "%s{sip}", "cip": "%s{cip}", "cintip": "%s{cintip}", "eurl": "%s{eurl}", "ua": "%s{ua}", "module": "%s{module}", "proto": "%s{proto}", "action": "%s{action}", "reason": "%s{reason}", "appname": "%s{appname}", "appclass": "%s{appclass}", "filetype": "%s{filetype}", "reqsize": %d{reqsize}, "respsize": %d{respsize}, "totalsize": %d{totalsize}, "malwarecat": "%s{malwarecat}", "malwareclass": "%s{malwareclass}", "threatname": "%s{threatname}", "riskscore": %d{riskscore}, "dlpeng": "%s{dlpeng}", "dlpdict": "%s{dlpdict}", "location": "%s{location}", "dept": "%s{dept}", "reqmethod": "%s{reqmethod}", "respcode": "%s{respcode}", "respversion": "%s{respversion}", "urlclass": "%s{urlclass}", "urlsupercat": "%s{urlsupercat}", "urlcat": "%s{urlcat}", "ereferer": "%s{ereferer}", "contenttype": "%s{contenttype}", "unscannabletype": "%s{unscannabletype}", "devicehostname": "%s{devicehostname}", "deviceowner": "%s{deviceowner}", "keyprotectiontype": "%s{keyprotectiontype}"\} | 
