home

Mobile Endpoint Security

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Mapping Lookout Events to QRadar LEEF Fields

This section describes the contents of mobile threat, device, and audit events generated by the Lookout Mobile Risk API and provides mappings of Lookout event fields into QRadar LEEF (Log Event Extended Format) fields.

On the event details page, fields are grayed out and marked N/A when they are not applicable.

You can enable privacy controls for your Lookout tenant to prevent certain event field data from being mapped into your SIEM. An asterisk (*) denotes fields that you can make private. Contact Lookout Enterprise Support to enable privacy for your Lookout tenant.