30260 - LOGID_WAF_URL_ACCESS_BYPASS
Message ID: 30260
Message Description: LOGID_WAF_URL_ACCESS_BYPASS
Message Meaning: Web application firewall allowed application by URL access bypass
Type: WAF
Category: WAF-URL-ACCESS
Severity: Warning
Log Field Name |
Description |
Data Type |
Length |
---|---|---|---|
action |
status of the session. Uses following definition: - Deny = blocked by firewall policy. - Start = session start log (special option to enable logging at start of a session). This means firewall allowed. - All Others = allowed by Firewall Policy and the status indicates how it was closed. |
string |
17 |
agent |
Agent |
string |
64 |
date |
Date |
string |
10 |
direction |
Direction |
string |
|
dstintf |
Destination Interface |
string |
32 |
dstintfrole |
string |
10 |
|
dstip |
Destination IP Address |
ip |
39 |
dstport |
Destination Port |
uint16 |
5 |
eventid |
Event ID |
uint32 |
10 |
eventtime |
uint64 |
20 |
|
eventtype |
Event Type |
string |
32 |
fctuid |
string |
32 |
|
group |
User Group Name |
string |
64 |
level |
Log Level |
string |
11 |
logid |
Log ID |
string |
10 |
policyid |
Policy ID |
uint32 |
10 |
profile |
Full profile name |
string |
64 |
proto |
Protocol |
uint8 |
3 |
service |
Service name |
string |
5 |
sessionid |
Session ID |
uint32 |
10 |
severity |
Severity |
string |
6 |
srcintf |
Source Interface |
string |
32 |
srcintfrole |
string |
10 |
|
srcip |
Source IP Address |
ip |
39 |
srcport |
Source Port |
uint16 |
5 |
subtype |
Log Subtype |
string |
20 |
time |
Time |
string |
8 |
type |
Log Type |
string |
16 |
unauthuser |
string |
66 |
|
unauthusersource |
string |
66 |
|
url |
URL |
string |
512 |
user |
User Name |
string |
256 |
vd |
Virtual Domain Name |
string |
32 |