Skip to main content
Skip table of contents

V 2.0 : HTTPS Inspection Events

Vendor Documentation


Rule NameRule TypeCommon EventClassification
V 2.0 : HTTPS Inspection EventsBase RuleGeneral Network TrafficNetwork Traffic
V 2.0 : HTTPS Inspect : Action FailedSub RuleAction FailureError
V 2.0 : HTTPS Inspect : Action StartedSub RuleStart ActionInformation

Mapping with LogRhythm Schema

Device Key in Log MessageLogRhythm SchemaData TypeSchema Description
SubproductN/AN/ACan be VPN or non-VPN
Product<vmid>Text/StringProduct name
Originip<dip>IP AddressIP of the log origin 
originN/AN/AName of the first Security Gateway that reported this event
SIP<sip>IP AddressSource IP
SPort<sport>NumberSource host port number
DIPN/AN/ADestination IP
dport<dport>NumberDestination port
ifname<sinterface>Text/StringThe name of the Security Gateway interface through which a connection traverses
ifdirectionN/AN/AConnection direction
dst_machine_name<dname>Text/StringMachine name connected to destination IP
src_machine_name<sname>Text/StringMachine name connected to source IP
protocol<protnum>NumberProtocol detected on the connection
UserN/AN/ASource user name
src_user_name<login>Text/StringUser name connected to source IP
dst_user_name<account>Text/StringConnected user name on the destination IP
matched_categoryN/AN/AName of matched category
HTTPS_inspection_rule_nameN/AN/AName of the matched rule
timeN/AN/AThe time stamp when the log was created
Severity<severity>NumberThreat severity determined by ThreatCloud
Possible values:
0 - Informational
1 - Low
2 - Medium
3 - High
4 - Critical
Reason<reason>Text/StringInformation on the error occurred
alertN/AN/AAlert level of matched rule (for connection logs)
flagsN/AN/ACheckpoint internal field
loguidN/AN/AUUID of unified logs 
originsicnameN/AN/AMachine SIC 
sequencenumN/AN/ANumber added to order logs with the same Linux timestamp and origin
failure_impact<result>Text/StringThe impact of update service failure
update_serviceN/AN/ACheckpoint internal field
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.