Appendix C Log Formats and System Messages
Table
Field Name | Description | |
|
|
|
|
|
|
Message | Packet trace seq begin | Packet trace not supported by Firewall. |
(cont.) |
|
|
|
|
|
| Packet trace seq end | Packet trace not supported by Firewall. |
|
|
|
The fields in this table are populated depending on the event being logged:
•Block event:
This event represents a firewall block. The Category, URL, Session Start and Bytes fields will be blank. The Firewall Rule field should be a hyperlink to the Firewall Rule edit page.
•Web Filter Block Event:
This event is generated for a Web request that is blocked by the box. All specified fields are provided. The category field will be populated if the Web request was blocked by the Web Filter Subscription service (not for a manual URL block).
Firewall Session Log Format
An example of a
87148
Regular Session Start
The following table describes the downloadable format of the Firewall Session Log:
Table
Field Name | Description |
|
|
|
|
Seq | Unique sequence number for this log file. |
|
|
Entry_time | Date and time of event. |
|
|
Sev | Severity of the alert, from least to most severe: |
| • INFO = for information only |
| • WARN = warning |
| • ERR= error |
| • CRIT = critical |
|
|
Comp | Software component that generated the message. |
| Examples: GEN, TNT |
SrcIP | The source IP address and port for the session. This represents the |
| “starter’ of the session. Format is ddd.ddd.ddd.ddd:port. |
|
|
298 X Family LSM User’s Guide V 2.5.1