You must log the traffic with Extended Logging to get that information.

You will find it in the Session tab of the Log card:

I presume if we log it, it will also be sent to a SIEM as well, particularly if you're using Log Exporter.

See Log Exporter guide‌ for more details. 

Thanks Dameon Welch Abernathy‌.  I changed the log type to this in the URL/Application control blade, but I am still not seeing this value in the URL filtering log I am getting.

Does this only work on the Application Control blade?  Was it added in a recent version?  Is there a way to tweak what is logged in "Extended Logging" ?

You must have App Control/URL Filtering enabled for this to work, both on the gateway and, R80+, the relevant layer.

What is logged by Extended Logging is determined by what blades are active on the relevant gateway and layer.

Thanks!  I think R80 is my current stumbling block.  We are migrating to R80.10 gateways in the next few weeks...so I'll be able to verify then.   Thanks!!!!!

This should also work in R77.30 as well, though it's in the App Control layer you use Extended Logging.