Mappings: McAfee WebGateway - CEF - File Download
Input | Value |
---|---|
Vendor | McAfee |
Product | WebGateway |
Log Format | CEF |
Event ID Regex Pattern | FILE_DOWNLOAD |
Output | Value |
---|---|
Vendor | McAfee |
Product | Web Gateway |
Record Type | Audit |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
action | Action | |
description | None | The static text An audit file was downloaded from the web gateway is populated in this schema field. |
device_hostname | Appliance | |
timestamp | Timestamp | We expect the orginal record value of Timestamp is in the format dd/MMM/yyyy:HH:mm:ss.SSS |
user_username | User |