| Appendix A - Logs | 554

Data Fields

trans_src_port trans_dst_ip trans_dst_port srczonetype srczone dstzonetype dstzone dir_disp conn_event conn_id vconn_id

Type

integer integer integer string string string string string integer integer

Description

Translated source port for outgoing traffic. It is applicable only in route mode.

Possible values

"" - When appliance is deployed in Bridge mode or source port translation is not done.

Port - Port with which the original port is translated.

Translated destination IP address for outgoing traffic. It is applicable only in route mode.

Possible values

"" - When appliance is deployed in Bridge mode or destination IP translation is not done.

IP Address - IP address with which the original destination IP is translated.

Translated destination port for outgoing traffic. It is applicable only in route mode.

Possible values

"N/A" - When appliance is deployed in Bridge mode or destination port translation is not done.

Port - Port with which the original port is translated.

Type of source zone, e.g., LAN

Name of source zone

Type of destination zone, e.g., WAN

Name of destination zone

Packet direction. Possible values:“org”, “reply”, “”

Event on which this log is generated

Unique identifier of connection

Connection ID of the master connection

IPS Logs

Logs are displayed only if Network Protection Module is subscribed.

Message ID

06001

06002

07001

07002

Message

IPS Anomaly detected

IPS Anomaly dropped

IPS Signature detected

IPS Signature dropped

Sample Logs:

device="SFW" date=2017-02-01 time=12:51:35 timezone="IST" device_name="CR750iNG-XP" device_id=C44313350024-P29PUA log_id=020804407002 log_type="IDP" log_component="Signatures"