Identity Firewall user session data on client machine
Identity Firewall user session data on a client machine (typically a VM).
Multiple entries for the same user can be returned if the user logins to
multiple sessions on the same VM.
| Name | Description | Type | Notes |
|---|---|---|---|
| domain_name | AD Domain AD Domain of user. |
string | Required |
| id | User session data Identifier Identifier of user session data. |
string | Readonly |
| login_time | Login time Login time. |
EpochMsTimestamp | Required |
| logout_time | Logout time if applicable Logout time if applicable. An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user. |
EpochMsTimestamp | |
| session_source | Source for the user session User session source can be one of: - GI (Guest Introspection) - ELS (AD Event log server) - LI (Log Insight) |
string | Readonly Enum: GI, ELS, LI |
| user_id | AD user ID (may not exist) AD user ID (may not exist). |
string | Readonly |
| user_name | AD user name AD user name. |
string | Required |
| user_session_id | User session ID User session ID. This also indicates whether this is VDI / RDSH. |
int | Required |
| vm_ext_id | Virtual machine external ID or BIOS UUID Virtual machine (external ID or BIOS UUID) where login/logout events occurred. |
string | Required Readonly |