IP network event parse from the NetworkEvent, passed back to the client from the RPC ListAssetEvents. IpNetworkEvent is a lookup event that has no domain associated with it. Example cases: * A machine curling a website's IP directly.
| JSON representation |
|---|
{ "eventTime" : string , "chip" : { object ( |
| Fields | |
|---|---|
eventTime
|
Date/time of lookup (i.e. not the time that the event was ingested). Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
chip
|
The chip to display. |
ipAddress
|
The IP address looked up. Examples: "127.0.0.1" or "2001:cdba:0000:0000:0000:0000:3257:9652" |
httpDetails[]
|
Additional details about HTTP requests associated with this lookup. |
customerPrevalence
|
The prevalence of the domain within the customer's environment, defined for v1 as the number of unique assets per day looking up the domain name over the trailing 10 days. |
filterProperties
|
A list of filter properties associated the event. |
rawLogsToken
|
A token to request raw logs, this is opaque to the client. If empty, no raw logs can be requested. |
sidebarEntries[]
|
All the sidebar entries. |
assetIndicator
|
AssetIndicator used for pivoting. |
