No Legacy Event
Vendor Documentation
Classification
Rule Name | Rule Type | Classification | Common Event |
---|---|---|---|
No Legacy Event | Base Rule | Information | General Information Log Message |
Packet Forwarded | Sub Rule | Information | Forwarding Data |
Packet Dropped | Sub Rule | Warning | Request Dropped |
Management Packet | Sub Rule | Information | Management Pack Received |
No Packet Associated | Sub Rule | Information | General Information Log Message |
Mapping with LogRhythm Schema
Device Key in Log Message | LogRhthm Schema | Data Type | Schema Description |
---|---|---|---|
id | N/A | N/A | N/A |
sn | <serialnumber> | Number | Indicates the device serial number |
time | N/A | N/A | Reports the time of event |
fw | N/A | N/A | Indicates the WAN IP Address |
pri | <severity> | Number | Displays the event priority level (0=emergency, 7=debug) |
c | <vmid> | Number | Indicates the legacy category number (Note: SonicOS/X does not currently send new category information) |
gcat | N/A | N/A | Display event group category when using Enhanced Syslog |
m | N/A | N/A | Provides the message ID number |
msg | <vendorinfo> | Text/String | Displays the message which is composed of either or both a predefined message and a dynamic message containing a string %s or numeric %d argument |
if | <sinterface> | Text/String | Displays the interface on which statistics are reported |
ucastRx | <packetsin> | Number | Displays the unicast packets received |
bcastRx | N/A | N/A | Displays the broadcast packets received |
bytesRx | <bytesin> | Number | Displays the bytes received |
ucastTx | <packetsout> | Number | Displays the unicast packets transmitted |
bcastTx | N/A | N/A | Displays the broadcast packets transmitted |
bytesTx | <bytesout> | Number | Displays the bytes transmitted |
n | <quantity> | Number | Indicates the number of times event occurs |
fw_action | <action> <tag1> | Text/String | The explicit action performed on network traffic (packets) encountered by the firewall based on built-in or user-configured policies that may allow or drop packets. Possible values are:
|