Example
This is nn example of a v12 Web log event:
timestamp,policy identity label,internal client ip,external client ip,destination ip,content type,action,url,referer,user agent,status code,request size,response size,response body size,sha—sha256,categories,av detections,puas,amp disposition,AMP malware name,amp score,policy identity type,blocked categories,identities,identity types,request method,dlp status,certificate errors,file name,ruleset id,rule ID,destination list ids,isolate action,file action,warn status,forwarding method,producer,msp organization id,geo location of blocked destination countries,application ids,hostname,data center,egress,server name,time based rule,security overridden,detected response file type,warn categories,organization id,application entity name,application entity category, egress iP
"2025-01-06 13:39:24","SIG2-Denver","10.X.X.X","10.X.X.X","10.X.X.X","","ALLOWED","https://example.com","","","200","1557","6441","","","Software/Technology,Allow List,Computers and Internet","","","","","","Network Tunnels","","SIG2-EX,RTO-XXXX-SIG","Network Tunnels,Internal Networks","CONNECT","","","","13368132","610352","9999583","not_isolated","","","","","","","","swg-nginx-proxy-https-4335ec07f282.signginx.den1","DEN1","true","winatp-gw-eus.microsoft.com","false","false","","","2204063","","",:"1.1.1."