V 2.0 : Anti Virus Events

Vendor Documentation

Classification

| Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|
| V 2.0 : Anti Virus Events | Base Rule | General Error Message | Error |

Mapping with LogRhythm Schema

| Device Key in Log Message | LogRhythm Schema | Data Type | Schema Description |
|---|---|---|---|
| virtuallogsource | N/A | N/A | N/A |
| subproduct | N/A | N/A | Subproduct |
| Product | <vmid> | Text/String | Product Name |
| Originip | <dip> | IP Address | IP of the log origin |
| Origin | N/A | N/A | Name of the first Security Gateway that reported this event |
| Action | N/A | N/A | Action of matched rule |
| SIP | N/A | N/A | Source IP |
| Sport | N/A | N/A | Source host port number |
| DIP | N/A | N/A | Destination IP |
| protocol | N/A | N/A | Protocol detected on the connection |
| ifname | N/A | N/A | The name of the Security Gateway interface through which a connection traverses |
| ifdirection | N/A | N/A | Connection direction |
| Reason | <reason> | Text/String | Information on the error that occurred |
| Rule | N/A | N/A | Matched rule number |
| Info | N/A | N/A | Special log message |
| XlateSIP | N/A | N/A | Source IPv4 after applying NAT |
| XlateSport | N/A | N/A | Source host port number after applying NAT |
| XlateDip | N/A | N/A | Destination IPv4 after applying NAT |
| xlateDPort | N/A | N/A | Destination host port number after applying NAT |
| User | N/A | N/A | Source user name |
| alert | N/A | N/A | Alert level of matched rule (for connection logs) |
| icmp-code | N/A | N/A | In case a connection is ICMP, ICMP code info will be added to the log |
| icmp-type | N/A | N/A | In case a connection is ICMP, ICMP type info will be added to the log |
| matched_category | N/A | N/A | Name of matched category |
| rule_name | N/A | N/A | Access rule name |
| URL | N/A | N/A | Matched URL |
| time | N/A | N/A | The time stamp when the log was created |
| Severity | <severity> | Number | Threat severity determined by ThreatCloud |
| description | <subject> | Text/String | N/A |
| flags | N/A | N/A | Check Point internal field |
| loguid | N/A | N/A | UUID of unified logs |
| sequencenum | N/A | N/A | Number added to order logs with the same Linux timestamp and origin |
| version | N/A | N/A | N/A |