
V 2.0 : Anti Virus Events

Vendor Documentation


| Rule Name | Rule Type | Common Event | |
|---|---|---|---|
| V 2.0 : Anti Virus Events | Base Rule | General Error Message | Error |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| Product | <vmid> | Text/String | Product Name |
| Ip Address | | | IP of the log origin |
| Origin | N/A | N/A | Name of the first Security Gateway that reported this event |
| Action | N/A | N/A | Action of matched rule |
| Sport | N/A | N/A | Source host port number |
| DIP | N/A | N/A | Destination IP |
| protocol | N/A | N/A | Protocol detected on the connection |
| ifname | N/A | N/A | The name of the Security Gateway interface through which a connection traverses |
| ifdirection | N/A | N/A | Connection direction |
| Reason | <reason> | Text/String | Information on the error that occurred |
| Rule | N/A | N/A | Matched rule number |
| Info | N/A | N/A | Special log message |
| XlateSIP | N/A | N/A | Source IPv4 after applying NAT |
| XlateSport | N/A | N/A | Source host port number after applying NAT |
| XlateDip | N/A | N/A | Destination IPv4 after applying NAT |
| xlateDPort | N/A | N/A | Destination host port number after applying NAT |
| User | N/A | N/A | Source user name |
| alert | N/A | N/A | Alert level of matched rule (for connection logs) |
| icmp-code | N/A | N/A | In case a connection is ICMP, ICMP code info will be added to the log |
| icmp-type | N/A | N/A | In case a connection is ICMP, type info will be added to the log |
| matched_category | N/A | N/A | Name of matched category |
| rule_name | N/A | N/A | Access rule name |
| time | N/A | N/A | The time stamp when the log was created |
| Severity | <severity> | Number | Threat severity determined by ThreatCloud |
| flags | N/A | N/A | Checkpoint internal field |
| loguid | N/A | N/A | UUID of unified logs |
| sequencenum | N/A | N/A | Number added to order logs with the same Linux timestamp and origin |