Skip to main content
Skip table of contents

URL Detection Event

Vendor Documentation


Rule Name

Rule Type


Common Event

URL Detection EventBase RuleActivityGeneral Threat Message

Mapping with LogRhythm Schema

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

Header (logVer)N/AN/ACEF format version
Header (vendor)N/AN/AAppliance vendor
Header (pname)N/AN/AAppliance product
Header (pver)N/AN/AAppliance version
Header (eventid)N/AN/ASignature ID
Header (eventName)<vendorinfo>Text/StringDescription
Header (severity)<severity>NumberSeverity
catN/AN/AEvent category
cs1<threatname>Text/StringThreat Name
cs1LabelN/AN/AThreat Name label
cs2N/AN/AInternal email ID
cs2LabelN/AN/AInternal email ID label
deviceExternalIdN/AN/AAppliance GUID
dvcN/AN/AAppliance IP address
dvchostN/AN/AAppliance host name
dvcmacN/AN/AAppliance MAC address
rtN/AN/ALog generation time
Format: Unix time stamp (number of milliseconds since Jan 01 1970 UTC)
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.