G DATA
G DATA endpoint logs report detections, cleanup actions and audit events across managed Windows, macOS and Linux hosts.
Enginsight Global Fields (4)
Field | Description | Type |
---|---|---|
ngs.id | Unique identifier for the log entry. | string |
ngs.createdAt | Timestamp when the event was created locally. | pdate |
ngs.indexedAt | Timestamp when the log was indexed into the SIEM. | pdate |
ngs.source | Origin or source system of the log. | string |
Reference-Specific Fields (47)
Field | Type |
---|---|
gdata.Virusname | text_general |
gdata.act | text_general |
gdata.Product | string |
gdata.dvchost | text_general |
gdata.dvc | text_general |
gdata.Severity | pint |
gdata.Report_ID | pint |
gdata.Quarantine_File | text_general |
gdata.ProductVersion | text_general |
gdata.start | pdate |
gdata.Vendor | string |
gdata.EventClassID | pint |
gdata.deviceExternalId | string |
gdata.Message | text_general |
gdata.GDataTenantId | pint |
gdata.filepath | text_general |
gdata.suser | text_general |
gdata.cat | string |
gdata.cn1 | plong |
gdata.cn1Label | string |
gdata.cn2 | plong |
gdata.cn2Label | string |
gdata.cs1 | string |
gdata.cs1Label | string |
gdata.cs2 | string |
gdata.cs2Label | string |
gdata.cs3 | string |
gdata.cs3Label | string |
gdata.cs4 | string |
gdata.cs4Label | string |
gdata.cs5 | string |
gdata.cs5Label | string |
gdata.cs6 | string |
gdata.cs6Label | string |
gdata.GDataRefId | string |
gdata.dproc | text_general |
gdata.GDataThreat | text_general |
gdata.sproc | text_general |
gdata.spid | plong |
gdata.GDataClientDescription | text_general |
gdata.GDataNetgroupId | plong |
gdata.duser | text_general |
gdata.request | string |
gdata.fileHash | string |
gdata.fname | text_general |
gdata.GDataTenant | string |
gdata.GDataRequestStatus | string |
Sample Log Event
Below is a representative JSON log entry showing key fields as they’re emitted by the system. Depending on the context of the event, some fields may be omitted if they’re not applicable.