Attack
MONITORAPP WEB Insights logger provides the fields below.
| Type | Field | Display Name | Description |
|---|---|---|---|
| Date | event_time | Event time | |
| String | log_type | Log type | e.g. DETECT |
| String | version | Version | e.g. v4.1, v5.0 |
| String | risk | Severity | e.g. HIGH, MEDIUM, LOW |
| IP address | src_ip | Source IP | |
| Integer | src_port | Source port | |
| IP address | dst_ip | Destination IP | |
| Integer | dst_port | Destination port | |
| String | app | Application | e.g. https |
| String | category | Category | |
| String | signature | Signature | e.g. Abnormal HTTP Request |
| String | reason | Reason | |
| String | sid | Pattern code | e.g. 15 |
| String | host | Host | Host HTTP header |
| Long | sent_bytes | Sent bytes | The size sent by the client to the server |
| String | raw_data | Payload | Original HTTP request |