Document toolboxDocument toolbox

swg.broadcom

Owned by Anthony Shevlin (Deactivated)
Aug 11, 2023
1 min read

[ Introduction ] [ Valid tags and data tables  ] [ Table structure ]

Introduction

The tags beginning with swg.broadcom identify events generated by Broadcom.

Valid tags and data tables 

The full tag must have four levels. The first two are fixed as swg.broadcom. The third level identifies the type of events sent. The fourth indicates the event subtype.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Broadcom

swg.broadcom.wss.access

swg.broadcom.wss.access

For more information, read more about Devo tags.

Table structure

These are the fields displayed in this table:

Field

Type

Extra field

Field

Type

Extra field

eventdate

timestamp

 

hostname

str

 

x_bluecoat_request_tenant_id

int4

 

datetime

timestamp

 

x_bluecoat_appliance_name

str

 

time_taken

int4

 

c_ip

ip4

 

cs_userdn

str

 

cs_auth_groups

str

 

x_exception_id

str

 

sc_filter_result

str

 

cs_categories

str

 

cs_referer

str

 

sc_status

int4

 

s_action

str

 

cs_method

str

 

rs_content_type

str

 

cs_uri_scheme

str

 

cs_host

str

 

cs_uri_port

int4

 

cs_uri_path

str

 

cs_uri_query

str

 

cs_uri_extension

str

 

cs_user_agent

str

 

s_ip

ip4

 

sc_bytes

int4

 

cs_bytes

int4

 

x_data_leak_detected

str

 

x_virus_id

str

 

x_bluecoat_location_id

str

 

x_bluecoat_location_name

str

 

x_bluecoat_access_type

str

 

x_bluecoat_application_name

str

 

x_bluecoat_application_operation

str

 

r_ip

ip4

 

r_supplier_country

str

 

x_rs_connection_negotiated_ssl_version

str

 

x_rs_connection_negotiated_cipher

str

 

x_rs_connection_negotiated_cipher_size

str

 

x_rs_certificate_hostname

str

 

x_rs_certificate_hostname_categories

str

 

x_cs_connection_negotiated_ssl_version

str

 

x_cs_connection_negotiated_cipher

str

 

x_cs_connection_negotiated_cipher_size

str

 

x_cs_certificate_subject

str

 

cs_icap_status

str

 

cs_icap_error_details

str

 

rs_icap_status

str

 

rs_icap_error_details

str

 

s_supplier_ip

ip4

 

s_supplier_country

str

 

s_supplier_failures

str

 

x_cs_client_ip_country

str

 

cs_threat_risk

str

 

x_rs_certificate_hostname_threat_risk

str

 

x_client_agent_type

str

 

x_client_os

str

 

x_client_agent_sw

str

 

x_client_device_id

str

 

x_client_device_name

str

 

x_client_device_type

str

 

x_bluecoat_transaction_uuid

str

 

hostchain

str

✓

tag

str

✓

rawMessage

str

✓