IpNetworkEvent

IP network event parse from the NetworkEvent, passed back to the client from the RPC ListAssetEvents. IpNetworkEvent is a lookup event that has no domain associated with it. Example cases: * A machine curling a website's IP directly.

JSON representation 
{
  "event_time": string,
  "chip": {
    object (Chip)
  },
  "ip_address": string,
  "http_details": [
    {
      object (HttpDetails)
    }
  ],
  "customer_prevalence": integer,
  "filter_properties": {
    object (FilterProperties)
  },
  "raw_logs_token": string,
  "sidebar_entries": [
    {
      object (SidebarEntry)
    }
  ],
  "asset_indicator": {
    object (AssetIndicator)
  }
}
Fields
event_time

string (Timestamp format)

Date/time of lookup (i.e. not the time that the event was ingested).

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
chip

object (Chip)

The chip to display.
ip_address

string

The IP address looked up. Examples: "127.0.0.1" or "2001:cdba:0000:0000:0000:0000:3257:9652"
http_details[]

object (HttpDetails)

Additional details about HTTP requests associated with this lookup.
customer_prevalence

integer

The prevalence of the domain within the customer's environment, defined for v1 as the number of unique assets per day looking up the domain name over the trailing 10 days.
filter_properties

object (FilterProperties)

A list of filter properties associated the event.
raw_logs_token

string

A token to request raw logs, this is opaque to the client. If empty, no raw logs can be requested.
sidebar_entries[]

object (SidebarEntry)

All the sidebar entries.
asset_indicator

object (AssetIndicator)

AssetIndicator used for pivoting.