| Alert | Variables |
| --- | --- |
| | %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %AVVENDOR, %AVENGINEVERS, %AVPATTERNVERS, (%AVPATTERNDATE), %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %VIRUS, %URL, |
| File was passed through without being scanned | %REASON, %ACTION, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %AVVENDOR, %AVENGINEVERS, %AVPATTERNVERS, (%AVPATTERNDATE), %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %URL, |
| File was blocked (exclude virus case) | %REASON, %ACTION, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %AVVENDOR, %AVENGINEVERS, %AVPATTERNVERS, (%AVPATTERNDATE), %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %URL, |
| Anti-virus update failed | %TIMESTAMP, %AVVENDOR, %MACHINEIP, %AVENGINEVERS, %AVPATTERNVERS, %AVPATTERNDATE, |
| Anti-virus update succeeded | %TIMESTAMP, %AVVENDOR, %MACHINEIP, %AVENGINEVERS, %AVPATTERNVERS, %AVPATTERNDATE, |
| Intelligent connection traffic monitoring (ICTM) | %REASON, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %MACHINENAME, %MACHINEIP, %URL, |
| Reboot | %MACHINENAME, %MACHINEIP, %REASON, |
| Sandboxing threat admin alert (Asynchronous) | %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %SANBOX_VENDOR, %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %THREAT_SCORE, %URL, %THREAT_HTML_URL, %FIREEYE_THREAT_HTML_URL, %COUNTERTACK_TEXT_DETAILS, %COUNTERETACK_URL, |
| Sandboxing threat alert | %REASON, %ACTION, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %URL, %THREAT_HTML_URL, %FIREEYE_THREAT_HTML_URL, |
| File reputation threat alert | %REASON, %ACTION, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %URL, |
| Static analysis threat alert | %REASON, %ACTION, %TIMESTAMP, %HWSERIALNUMBER, %APPNAME, %APPVERSION, %AVENGINEVERS, %MACHINENAME, %MACHINEIP, %SERVER, %CLIENT, %URL, %CYLANCE_SCORE, %CYLANCE_DETAILS, |