AviatrixUser Log Messages

https://docs.aviatrix.com/documentation/latest/controller-platform-administration/aviatrix-logging.html?expand=true#overview-of-controller-and-gateway-logging

https://docs.aviatrix.com/documentation/latest/controller-platform-administration/aviatrix-logging.html?expand=true#log-management-system-formats

Rule Name

Rule Type

Common Event

Classification

AviatrixUser Log Messages

Base Rule

General Information

Information

Device Key in Log Message

LogRhythm Schema

Data Type

Schema Description

Header

<severity>

Text/String

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

N/A

[Timestamp]

N/A

N/A

GW-[Name of Gateway]-[Public IP of Gateway]

<objectname>
<snatip>

Text/String/Ip Address

N/A

[Name of Application generating log]

<process>

Text/String

N/A

[Application Process ID]

<parentprocessid>

Number/Text/String

N/A

[Log message]

<subject>
<sinterface>
<dinterface>
<sip>
<dip>
<protname>
<sport>
<dport>

Text/String/Ip Address

IN: Indicates incoming interface.
OUT: Indicates outgoing interface.
SRC: Source IP address.
DST: Destination IP address.
LEN: Length of the packet.
TOS, PREC, TTL, ID : Various IP header fields.
PROTO: Protocol used .
SPT: Source port.
DPT: Destination port.
LEN: Length of the UDP payload.