These are only two example i'v 6 in total with different log types
Dec 6 04:17:50 firepower2130 SFIMS: Protocol: TCP, SrcIP: X.X.X.X, OriginalClientIP: ::, DstIP: X.X.X.X, SrcPort: 38222, DstPort: 443, TCPFlags: 0x0, IngressZone: Outside_SDC, EgressZone: Inside_SDC, DE: Primary Detection Engine (a403c8ac-f133-11e9-aa8a-f9e616853924), Policy: FP-2130-SDC, ConnectType: Start, AccessControlRuleName: Default_IPS_Only, AccessControlRuleAction: Allow, Prefilter Policy: Default Prefilter Policy, UserName: No Authentication Required, Client: SSL client, ApplicationProtocol: HTTPS, InitiatorPackets: 3, ResponderPackets: 1, InitiatorBytes: 454, ResponderBytes: 78, NAPPolicy: Security Over Connectivity, DNSResponseType: No Error, Sinkhole: Unknown, URLCategory: ANY, URLReputation: Well known, URL: https://test.com
Dec 6 04:17:50 firepower2130 SFIMS: Protocol: UDP, SrcIP: X.X.X.X, OriginalClientIP: ::, DstIP: X.X.X.X, SrcPort: 11492, DstPort: 53, TCPFlags: 0x0, IngressZone: Inside, EgressZone: Outside, DE: Primary Detection Engine (a403c8ac-f133-11e9-aa8a-f9e616853924), Policy: FP-2130-SDC, ConnectType: Start, AccessControlRuleName: Default_IPS_Only, AccessControlRuleAction: Allow, Prefilter Policy: Default Prefilter Policy, UserName: No Authentication Required, Client: DNS client, ApplicationProtocol: DNS, InitiatorPackets: 1, ResponderPackets: 0, InitiatorBytes: 89, ResponderBytes: 0, NAPPolicy: Security Over Connectivity, DNSQuery: teredo.ipv6.microsoft.com, DNSRecordType: a host address, DNSResponseType: No Error, Sinkhole: Unknown, URLCategory: Unknown, URLReputation: Risk unknown