Identity Firewall user session data on client machine
Identity Firewall user session data on a client machine (typically a VM).
Multiple entries for the same user can be returned if the user logins to
multiple sessions on the same VM.
Name | Description | Type | Notes |
---|---|---|---|
domain_name | AD Domain AD Domain of user. |
string | Required |
id | User session data Identifier Identifier of user session data. |
string | Readonly |
login_time | Login time Login time. |
EpochMsTimestamp | Required |
logout_time | Logout time if applicable Logout time if applicable. An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user. |
EpochMsTimestamp | |
session_source | Source for the user session User session source can be one of: - GI (Guest Introspection) - ELS (AD Event log server) - LI (Log Insight) |
string | Readonly Enum: GI, ELS, LI |
user_id | AD user ID (may not exist) AD user ID (may not exist). |
string | Readonly |
user_name | AD user name AD user name. |
string | Required |
user_session_id | User session ID User session ID. This also indicates whether this is VDI / RDSH. |
int | Required |
vm_ext_id | Virtual machine external ID or BIOS UUID Virtual machine (external ID or BIOS UUID) where login/logout events occurred. |
string | Required Readonly |