Logs Table
| Field Name | Description |
|---|---|
| Default Fields | |
| Time | Time of the event. |
| Account | Account name. |
| Product Family | Check Point product family. For example, Quantum, Harmony or CloudGuard. |
| Cloud Service | The cloud service used by the Check Point product. For example, Quantum Gateways. |
| Blade/Practice Type | Software blade that triggered the event. For example, Firewall, VPN, Syslog. |
| Action | Action enforced on the event: |
| Severity | Severity of the event: |
| User | User logged in at the time of the event. |
| Additional Fields | |
| Alert | Type of alert generated for the event. For example, spoof alert, mail. |
| Destination | Destination IP address. |
| Direction | Direction of the network traffic: |
| Domain | Domain name sent in the DNS request. |
| Log ID | Unique identifier for the log. Includes Type, Family, Product/Blade, and Category. |
| Message | Message displayed for the security event. For example, remote access client IP address and port were changed. |
| Origin | Name of the first Security Gateway that reported this event. |
| Source | Source IP address. |