Message ID: 3
Message Description: LOG_ID_TRAFFIC_DENY
Message Meaning: Traffic violation
Type: Traffic
Category: forward
Severity: Warning
|
Log Field Name |
Description |
Data Type |
Length |
|---|---|---|---|
|
wanout |
WAN outgoing traffic in bytes |
uint64 |
20 |
|
wanoptapptype |
WAN Optimization Application type |
string |
9 |
|
wanin |
WAN incoming traffic in bytes |
uint64 |
20 |
|
vwpvlanid |
|
uint32 |
10 |
|
vwlservice |
|
string |
64 |
|
vwlquality |
|
string |
320 |
|
vwlname |
|
string |
36 |
|
vwlid |
|
uint32 |
10 |
|
vrf |
|
uint8 |
3 |
|
vpntype |
The type of the VPN tunnel |
string |
14 |
|
vpn |
The name of the VPN tunnel |
string |
32 |
|
vd |
Virtual domain name |
string |
32 |
|
utmaction |
Security action performed by UTM |
string |
32 |
|
user |
User name |
string |
256 |
|
url |
|
string |
512 |
|
unauthusersource |
The method used to detect unauthenticated user name |
string |
66 |
|
unauthuser |
Unauthenticated user name |
string |
66 |
|
tz |
|
string |
5 |
|
type |
Log type |
string |
16 |
|
transport |
NAT Source Port |
uint16 |
5 |
|
transip |
NAT Source IP |
ip |
39 |
|
tranport |
NAT Destination Port |
uint16 |
5 |
|
tranip |
NAT destination IP |
ip |
39 |
|
trandisp |
NAT translation type |
string |
16 |
|
time |
Time |
string |
8 |
|
subtype |
Subtype of the traffic |
string |
20 |
|
sslaction |
|
string |
26 |
|
srcuuid |
UUID of the Source IP Address |
string |
37 |
|
srcswversion |
|
string |
66 |
|
srcssid |
Source SSID |
string |
33 |
|
srcserver |
|
uint8 |
3 |
|
srcport |
Source port number |
uint16 |
5 |
|
srcname |
Source name |
string |
66 |
|
srcmac |
MAC address associated with the Source IP |
string |
17 |
|
srcip |
Source IP address |
ip |
39 |
|
srcintfrole |
|
string |
10 |
|
srcintf |
Source interface name |
string |
32 |
|
srcinetsvc |
|
string |
64 |
|
srchwversion |
|
string |
66 |
|
srchwvendor |
|
string |
66 |
|
srcfamily |
|
string |
66 |
|
srcdomain |
|
string |
255 |
|
srccountry |
Country name for Source IP |
string |
64 |
|
shapingpolicyid |
|
uint32 |
10 |
|
shapersentname |
Traffic shaper name for sent traffic |
string |
36 |
|
shaperrcvdname |
Traffic shaper name for received traffic |
string |
36 |
|
shaperperipname |
Traffic shaper name (per IP) |
string |
36 |
|
shaperperipdropbyte |
Dropped bytes per IP by shaper |
uint32 |
10 |
|
shaperdropsentbyte |
Sent bytes dropped by shaper |
uint32 |
10 |
|
shaperdroprcvdbyte |
Received bytes dropped by shaper |
uint32 |
10 |
|
sessionid |
Session ID |
uint32 |
10 |
|
service |
Name of service |
string |
80 |
|
sentpkt |
Sent Packets |
uint32 |
10 |
|
sentdelta |
|
uint64 |
20 |
|
sentbyte |
Sent Bytes |
uint64 |
20 |
|
rcvdpkt |
Received Packets |
uint32 |
10 |
|
rcvddelta |
|
uint64 |
20 |
|
rcvdbyte |
Received Bytes |
uint64 |
20 |
|
radioband |
|
string |
64 |
|
proto |
protocol number |
uint8 |
3 |
|
poluuid |
UUID of the Firewall Policy |
string |
37 |
|
policytype |
|
string |
24 |
|
policyname |
|
string |
36 |
|
policyid |
Firewall Policy ID |
uint32 |
10 |
|
osname |
Name of the device's OS |
string |
66 |
|
msg |
Log message |
string |
64 |
|
mastersrcmac |
The master MAC address for a host that has multiple network interfaces |
string |
17 |
|
masterdstmac |
|
string |
17 |
|
logid |
Log ID |
string |
10 |
|
level |
Log Level |
string |
11 |
|
lanout |
LAN outgoing traffic in bytes |
uint64 |
20 |
|
lanin |
LAN incoming traffic in bytes |
uint64 |
20 |
|
identifier |
|
uint16 |
5 |
|
group |
User group name |
string |
64 |
|
fctuid |
|
string |
32 |
|
eventtime |
|
uint64 |
20 |
|
duration |
Duration of the session |
uint32 |
10 |
|
dstuuid |
UUID of the Destination IP address |
string |
37 |
|
dstuser |
|
string |
256 |
|
dstunauthusersource |
|
string |
66 |
|
dstunauthuser |
|
string |
66 |
|
dstswversion |
|
string |
66 |
|
dstssid |
Destination SSID |
string |
33 |
|
dstserver |
|
uint8 |
3 |
|
dstport |
Destination Port |
uint16 |
5 |
|
dstosname |
|
string |
66 |
|
dstname |
The destination name. |
string |
66 |
|
dstmac |
|
string |
17 |
|
dstip |
Destination IP Address |
ip |
39 |
|
dstintfrole |
|
string |
10 |
|
dstintf |
Destination Interface |
string |
32 |
|
dstinetsvc |
|
string |
64 |
|
dsthwversion |
|
string |
66 |
|
dsthwvendor |
|
string |
66 |
|
dstgroup |
|
string |
64 |
|
dstfamily |
|
string |
66 |
|
dstdevtype |
|
string |
66 |
|
dstcountry |
Country name for the destination IP |
string |
64 |
|
dstauthserver |
|
string |
32 |
|
devtype |
Device type |
string |
66 |
|
devid |
Device serial number |
string |
16 |
|
date |
Date |
string |
10 |
|
crscore |
Client Reputation score |
uint32 |
10 |
|
crlevel |
|
string |
10 |
|
craction |
Action performed by Client Reputation |
uint32 |
10 |
|
comment |
|
string |
1024 |
|
channel |
|
uint32 |
10 |
|
centralnatid |
Central NAT ID |
uint32 |
10 |
|
authserver |
|
string |
32 |
|
apsn |
|
string |
36 |
|
apprisk |
Application Risk Level |
string |
16 |
|
applist |
Application Control profile (name) |
string |
64 |
|
appid |
Application ID |
uint32 |
10 |
|
appcat |
Application category |
string |
64 |
|
appact |
The security action from app control |
string |
16 |
|
app |
Application name |
string |
96 |
|
ap |
|
string |
36 |
|
agent |
|
string |
64 |
|
action |
status of the session. Uses following definition: - Deny = blocked by firewall policy. - Start = session start log (special option to enable logging at start of a session). This means firewall allowed. - All Others = allowed by Firewall Policy and the status indicates how it was closed. |
string |
16 |