
Firewall Messages - v6.2.X

Vendor Documentation

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| Firewall Messages - v6.2.X | Base Rule | General Firewall Event | Information |
| Potential Compromise | Sub Rule | Data Compromised | Compromise |
| Suspected Attack Related Anomalies | Sub Rule | Suspicious Activity | Suspicious |
| Protocol Violation : Low | Sub Rule | Vuln Low Severity : Protocol Violation | Vulnerability |
| Suspicious Traffic | Sub Rule | Network Traffic | Network Traffic |
| System Situations Messages | Sub Rule | General Error | Error |
| Suspected Probe | Sub Rule | Suspicious Network Activity | Suspicious |
| Protocol Violation : Medium | Sub Rule | General Protocol Violation | Error |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type |
|---|---|---|
| Version | <version> | Number |
| vmid | <vmid> | Number |
| command | <command> | Text/String |
| severity | <severity> | Text/String/Number |
| in | <packetsin> | Number |
| out | <packetsout> | Number |
| requestURL | <url> | Text/String |
| cat | <tag1> | Text/String |
| app | <object> | Text/String/Number |
| deviceFacility | <objectname> | Text/String |
| msg | <subject> | Text/String |
| destinationTranslatedPort | <dport> | Number |
| sourceTranslatedPort | <sport> | Number |
| destinationTranslatedAddress | <dnatip> | IP Address |
| sourceTranslatedAddress | <snatip> | IP Address |
| act | <action> | Text/String |
| deviceinboundinterface | <sinterface> | Text/String/Number |
| proto | <protnum> | Number |
| dpt | <dport> | Number |
| spt | <sport> | Number |
| dst | <dip> | IP Address |
| src | <sip> | IP Address |
| dvchost | <dname> | Text/String/Number |

