BLUEMAX NGF

Last updated Feb 27, 2024

bluemax-ngf-session-logs

Gets session logs from a BLUEMAX NGF device.

bluemax-ngf-session-logs [profile=PROFILE] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]
profile=PROFILE
Profile name of BLUEMAX NGF
duration=NUM{mon|w|d|h|m|s}
Scan only recent data. Use one of the time units s (second), m (minute), h (hour), d (day), w (week), or mon (month). For example, 10s means data from the last 10 seconds.
from=yyyyMMddHHmmss
Start time of the range, in yyyyMMddHHmmss format. If you omit the time part, it is padded with zeros.
to=yyyyMMddHHmmss
End time of the range, in yyyyMMddHHmmss format. If you omit the time part, it is padded with zeros.
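
The following is an added example, not part of the original documentation or the product's own code: a Python helper that validates the options described above before assembling the command string, so that values taken from a ticket or a web form cannot smuggle extra query text into the command. The function names, the profile-name allowlist, and the restriction of from/to to either a date-only (yyyyMMdd) or a full 14-digit value are assumptions of this example.

```python
import re
from datetime import datetime

# Grammar from the syntax line: NUM followed by mon, w, d, h, m or s.
DURATION_RE = re.compile(r"\d+(mon|w|d|h|m|s)")
# Assumption: profile names contain only these characters (conservative allowlist).
PROFILE_RE = re.compile(r"[A-Za-z0-9_-]+")


def normalize_timestamp(value: str) -> str:
    """Return a full yyyyMMddHHmmss string, zero-padding a date-only value."""
    # Assumption: only yyyyMMdd or the full 14-digit form is accepted here.
    if not re.fullmatch(r"\d{8}|\d{14}", value):
        raise ValueError(f"expected yyyyMMdd or yyyyMMddHHmmss, got {value!r}")
    padded = value.ljust(14, "0")
    # strptime raises ValueError for impossible dates such as month 13.
    datetime.strptime(padded, "%Y%m%d%H%M%S")
    return padded


def build_query(profile=None, duration=None, start=None, end=None) -> str:
    """Build a bluemax-ngf-session-logs command from validated options."""
    parts = ["bluemax-ngf-session-logs"]
    if profile is not None:
        if not PROFILE_RE.fullmatch(profile):
            raise ValueError(f"unexpected characters in profile {profile!r}")
        parts.append(f"profile={profile}")
    if duration is not None:
        if not DURATION_RE.fullmatch(duration):
            raise ValueError(f"bad duration {duration!r}")
        parts.append(f"duration={duration}")
    if start is not None:
        start = normalize_timestamp(start)
        parts.append(f"from={start}")
    if end is not None:
        end = normalize_timestamp(end)
        parts.append(f"to={end}")
    # Added sanity check: fixed-width digit strings compare chronologically.
    if start and end and start > end:
        raise ValueError("from is later than to")
    return " ".join(parts)


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    print(build_query(profile="ngf1", start="20240227", end="20240227235959"))
```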

Output Fields

| Field | Type | Name | Description |
|---|---|---|---|
| _time | String | Time | Start time of session |
| profile | String | Connect profile | Profile name of BLUEMAX NGF |
| log_type | String | Log type | e.g. Allow(IPv4), Deny(IPv6) |
| session_id | Long | Session ID | |
| src_ip | IP address | Source IP address | |
| src_port | Integer | Source port | |
| dst_ip | IP address | Destination IP address | |
| dst_port | Integer | Destination port | |
| protocol | String | Protocol | e.g. TCP, UDP, ICMP |
| app | String | Application | e.g. HTTP, HTTPS, SYSLOG, DOMAIN-UDP |
| action | String | Action | e.g. PERMIT, DENY |
| reason | String | Reason | e.g. Denied by Deny Rule |
| policy | String | Policy | 'rule_id: rule_name' format |
| rule_id | Integer | Rule ID | |
| rule_name | String | Rule name | |
| total_bytes | Long | Total number of bytes transferred | |
| total_pkts | Long | Total number of packets transferred | |
| start_time | Date | Start time of session | |
| end_time | Date | End time of session | |