
V 2.0 Decryption Event Messages 1

Log Fields and Parsing

This section details the log fields available in this log message type, along with values parsed for both LogRhythm Default and LogRhythm Default v2.0 policies. A value of "N/A" (not applicable) means that there is no value parsed for a specified log field.

| Log Field | LogRhythm Default | LogRhythm Default v2.0 |
|---|---|---|
| Type (type) | N/A | <vmid> |
| Threat/ContentType (subtype) | N/A | <vendorinfo> |
| Source Address (src) | N/A | <sip> |
| Destination Address (dst) | N/A | <dip> |
| NAT Source IP (natsrc) | N/A | <snatip> |
| NAT Destination IP (natdst) | N/A | <dnatip> |
| Rule (rule) | N/A | <policy> |
| Source User (srcuser) | N/A | <domainorigin>, <login> |
| Destination User (dstuser) | N/A | <domainimpacted>, <account> |
| Inbound Interface (inbound_if) | N/A | <sinterface> |
| Outbound Interface (outbound_if) | N/A | <dinterface> |
| Session ID (sessionid) | N/A | <session> |
| Repeat Count (repeatcnt) | N/A | <quantity> |
| Source Port (sport) | N/A | <sport> |
| Destination Port (dport) | N/A | <dport> |
| NAT Source Port (natsport) | N/A | <snatport> |
| NAT Destination Port (natdport) | N/A | <dnatport> |
| IP Protocol (proto) | N/A | <protname> |
| Action (action) | N/A | <action>, <tag1> |
| Device Name (device_name) | N/A | <objectname> |
| Application Characteristic (characteristic_of_app) | N/A | <result> |

Log Processing Settings

This section details log processing changes made from the LogRhythm Default policy to LogRhythm Default v2.0. In some cases, base rules are broken down into sub-rules to appropriately parse log message types by their event types.

LogRhythm Default

| Regex ID | Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|---|
| N/A | N/A | N/A | N/A | N/A |

LogRhythm Default v2.0

| Regex ID | Rule Name | Rule Type | Common Event | Classification |
|---|---|---|---|---|
| 1011937 | V 2.0 Decryption Event Messages | Base Rule | Session Information | Information |
| | V 2.0 Decryption Session Allowed | Sub Rule | Traffic Allowed by Network Firewall | Network Allow |
| | V 2.0 Decryption Session Denied | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| | V 2.0 Decryption Session Dropped | Sub Rule | Traffic Denied by Network Firewall | Network Deny |
| | V 2.0 Decryption Session Reset | Sub Rule | Traffic Denied by Network Firewall | Network Deny |