keyboard_arrow_right
keyboard_arrow_left
Nachrichten-ID |
Nachricht |
00001 |
Firewall-Datenverkehr erlaubt |
00002 |
Firewall-Datenverkehr abgewiesen |
00003 |
Firewall-Datenverkehr von Galileo Heartbeat verworfen |
01001 |
Ungültiger Datenverkehr verworfen |
01301 |
Fragmentierter Datenverkehr abgewiesen |
01601 |
Ungültiger fragmentierter Datenverkehr abgewiesen |
02001 |
Lokaler ACL-Datenverkehr erlaubt |
02002 |
Lokaler ACL-Datenverkehr abgewiesen |
03001 |
DoS-Angriff verworfen |
04001 |
Per ICMP umgeleitetes Paket verworfen |
05001 |
Von der Quelle geroutetes Paket verworfen |
05051 |
Fremder Host abgewiesen |
05101 |
IPMAC-Paar abgewiesen |
05151 |
IP-Spoof abgewiesen |
05201 |
SSL-VPN-Ressourcenzugriff verweigert |
05301 |
ARP-Flood-Datenverkehr abgewiesen |
05401 |
Datenverkehr für virtuellen Host <virtualhostname> wird abgewiesen, kein interner Server zur Verarbeitung des Datenverkehrs verfügbar. |
Beispielprotokolle:
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=010302602002 log_type=""Security Policy"" log_component=""Appliance Access"" log_subtype=""Denied"" status=""Deny"" priority=Information duration=0 fw_rule_id=0 policy_type=0 user_name="""" user_gp="""" iap=0 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface=""eth0"" out_interface="""" src_mac=00:90:fb:37:6e:0e src_ip=10.20.21.89 src_country_code= dst_ip=10.20.23.255 dst_country_code= protocol=""UDP"" src_port=137 dst_port=137 sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connid="""" vconnid="""" hb_health=""No Heartbeat""
6/9/2015 1:29 PM,Info,10.20.22.173,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=016602600003 log_type=""Security Policy"" log_component=""Heartbeat"" log_subtype=""Denied"" status=""Deny"" priority=Information duration=0 fw_rule_id=6 policy_type=1 user_name=""atp25"" user_gp="""" iap=2 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface=""eth0"" out_interface="""" src_mac=00:50:56:85:78:80 src_ip=10.20.21.179 src_country_code= dst_ip=10.201.4.51 dst_country_code= protocol=""UDP"" src_port=49321 dst_port=53 sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connid="""" vconnid="""" hb_health=""Red""
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=010101600001 log_type=""Security Policy"" log_component=""Policy Rule"" log_subtype=""Allowed"" status=""Allow"" priority=Information duration=10 fw_rule_id=3 policy_type=0 user_name=""iview1"" user_gp="""" iap=1 ips_policy_id=0 appfilter_policy_id=1 application=""FTP Base"" application_risk=4 application_technology=""Client Server"" application_category=""Infrastructure"" in_interface=""eth0"" out_interface="""" src_mac=00: 0:00: 0:00: 0 src_ip=10.20.21.159 src_country_code=R1 dst_ip=10.201.3.102 dst_country_code=R1 protocol=""TCP"" src_port=1558 dst_port=34322 sent_pkts=4 recv_pkts=2 sent_bytes=172 recv_bytes=92 tran_src_ip= tran_src_port=0 tran_dst_ip=10.20.22.173 tran_dst_port=0 srczonetype=""LAN"" srczone=""LAN"" dstzonetype="""" dstzone="""" dir_disp="""" connevent=""Stop"" connid=""2818264736"" vconnid="""" hb_health=""No Heartbeat""
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=010202601001 log_type=""Security Policy"" log_component=""Invalid Traffic"" log_subtype=""Denied"" status=""Deny"" priority=Information duration=0 fw_rule_id=0 policy_type=0 user_name="""" user_gp="""" iap=0 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface=""eth0"" out_interface="""" src_mac=00:50:56:95:62:26 src_ip=10.20.21.159 src_country_code= dst_ip=92.123.102.76 dst_country_code= protocol=""TCP"" src_port=1300 dst_port=443 sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connid="""" vconnid="""" hb_health=""No Heartbeat""
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=010301602001 log_type=""Security Policy"" log_component=""Appliance Access"" log_subtype=""Allowed"" status=""Allow"" priority=Information duration=16 fw_rule_id=0 policy_type=0 user_name="""" user_gp="""" iap=0 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface=""eth0"" out_interface="""" src_mac=00: 0:00: 0:00: 0 src_ip=10.20.20.15 src_country_code= dst_ip=10.20.22.173 dst_country_code= protocol=""TCP"" src_port=53371 dst_port=80 sent_pkts=10 recv_pkts=13 sent_bytes=2128 recv_bytes=8496 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connevent=""Stop"" connid=""1388929440"" vconnid="""" hb_health=""No Heartbeat""
6/9/2015 1:29 PM,Info,10.20.22.172,timezone=""IST"" device_name=""SG135"" device_id=SFDemo1234567890 log_id=011902605151 log_type=""Security Policy"" log_component=""IP Spoof"" log_subtype=""Denied"" status=""Deny"" priority=Information duration=0 fw_rule_id=0 policy_type=0 user_name="""" user_gp="""" iap=0 ips_policy_id=0 appfilter_policy_id=0 application="""" application_risk=0 application_technology="""" application_category="""" in_interface="""" out_interface="""" src_mac= src_ip=169.254.234.5 src_country_code= dst_ip=128.0.0.1 dst_country_code= protocol=""ICMP"" icmp_type=0 icmp_code=0 sent_pkts=0 recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="""" srczone="""" dstzonetype="""" dstzone="""" dir_disp="""" connid="""" vconnid="""" hb_health=""No Heartbeat""