Session
Log types: fw4_allow, fw4_deny, fw6_allow, fw6_deny, nat_session
| Type | Field | Display Name | Description |
|---|---|---|---|
| String | hostname | Hostname | |
| String | log_type | Log type | |
| Date | event_time | Event time | Generated time |
| String | start_time | Start time | Session start time |
| String | end_time | End time | Session end time |
| IP address | src_ip | Source IP | |
| Integer | src_port | Source port | |
| IP address | dst_ip | Destination IP | |
| Integer | dst_port | Destionation port | |
| String | protocol | Protocol | e.g. TCP, UDP |
| String | action | Action | e.g. PERMIT, DENY |
| IP address | nat_src_ip | NAT source IP | |
| Integer | nat_src_port | NAT source port | |
| IP address | nat_dst_ip | NAT destination IP | |
| Integer | nat_dst_port | NAT destination port | |
| String | policy | Policy | e.g. 1: allow all |
| Integer | duration | Duration | Seconds |
| String | terminate_reason | Termination reason | e.g. Denied by Deny Rule |
| Boolean | is_ssl | Is SSL | |
| Boolean | is_sslvpn | Is SSLVPN | |
| String | app_category | App category | |
| Boolean | app_saas | App SaaS | |
| String | app_protocol | App protocol | |
| Long | total_bytes | Total bytes | |
| Long | total_pkts | Total packets | |
| Long | sent_bytes | Sent bytes | Client to server |
| Long | rcvd_bytes | Received bytes | Server to client |
| Long | sent_pkts | Sent packets | Client to server |
| Long | rcvd_pkts | Received packets | Server to client |
| String | fw_rule_id | Rule ID | e.g. 1 |
| String | fw_rule_name | Rule name | e.g. default deny |
| String | nat_rule_id | NAT rule ID | e.g. 0 |
| String | nat_rule_name | NAT rule name | |
| String | tcp_flags | TCP flags | e.g. SAF/SAF |
| String | src_iface | Source interface | e.g. eth4 |
| String | src_zone | Source zone | e.g. Internal |
| String | src_country | Source country | |
| String | dst_country | Destination country |