Cisco ASA

Download 32
Last updated Oct 25, 2023

Session

Cisco ASA firewall logs are parsed against a standardized session log schema.

TypeFieldDisplay NameDescription
IntegerseveritySeverity
Stringmsg_codeMessage codee.g. 106100
IP addresssrc_ipSource IP
Integersrc_portSource port
IP addressdst_ipDestination IP
Integerdst_portDestination port
StringprotocolProtocole.g. TCP, UDP, ICMP
StringappApplicatione.g. snmp
StringactionActione.g. PERMIT, DENY, DROP, CLOSE
IP addressnat_src_ipNAT source IP
Integernat_src_portNAT source port
IP addressnat_dst_ipNAT destination IP
Integernat_dst_portNAT destination port
StringpolicyPolicye.g. outside_access_in
IntegerdurationDurationin seconds
Longtotal_bytesTotal bytes
Stringsrc_countrySource country
Stringdst_countryDestination country