[firewall.juniper.nsm.traffic][firewall.juniper.srx.idp][firewall.juniper.srx.probe]
firewall.juniper.nsm.traffic

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| logDayId | str | - |
| logRecordId | str | - |
| timeReceived | timestamp | - |
| timeGenerated | timestamp | - |
| deviceDomain | str | - |
| deviceDomainVer | str | - |
| deviceName | str | - |
| deviceIp | ip4 | - |
| category | str | - |
| subCategory | str | - |
| srcZone | str | - |
| srcIface | str | - |
| srcIp | ip4 | - |
| srcIp_str | str | - |
| srcPort | int4 | - |
| srcXIp | ip4 | - |
| srcXPort | int4 | - |
| dstZone | str | - |
| dstIface | str | - |
| dstIp | ip4 | - |
| dstPort | int4 | - |
| dstXIp | ip4 | - |
| dstXPort | int4 | - |
| proto | str | - |
| policyDomain | str | - |
| policyDomainVer | str | - |
| policyName | str | - |
| rulebase | str | - |
| ruleNumber | str | - |
| ruleNumber2 | str | - |
| action | str | - |
| severity | str | - |
| isAlert | str | - |
| details | str | - |
| user | str | - |
| app | str | - |
| uri | str | - |
| elapsedSecs | int4 | - |
| bytesIn | int8 | - |
| bytesOut | int8 | - |
| bytesTotal | int8 | - |
| pktsIn | int4 | - |
| pktsOut | int4 | - |
| pktsTotal | int4 | - |
| repeatCount | int4 | - |
| hasData | str | - |
| data | str | - |
| appliService | str | - |
| deviceFamily | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
firewall.juniper.srx.idp

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| type | str | - |
| attack_name | str | - |
| source_address | ip4 | - |
| source_port | int4 | - |
| destination_address | ip4 | - |
| destination_port | int4 | - |
| protocol_id | str | - |
| source_zone_name | str | - |
| interface_name | str | - |
| action | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
firewall.juniper.srx.probe

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| type | str | - |
| interfaceName | str | - |
| name | str | - |
| testOwner | str | - |
| snmpInterfaceIndex | str | - |
| testName | str | - |
| message | str | - |
| adminStatus | str | - |
| operationalStatus | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
[firewall.juniper.srx.traffic][firewall.juniper.srx.utm][firewall.juniper.system]
firewall.juniper.srx.traffic

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| serverdate | str | - |
| hostname | str | - |
| process_name | str | - |
| pid | str | - |
| log_type | str | - |
| platform | str | - |
| username | str | - |
| authentication_level | str | - |
| client_ip | ip4 | - |
| client_port | str | - |
| destination_ip | ip4 | - |
| destination_port | str | - |
| message | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
firewall.juniper.srx.utm

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| srcIp | ip4 | - |
| srcIp_str | str | - |
| srcPort | int4 | - |
| dstIp | ip4 | - |
| dstPort | int4 | - |
| name | str | - |
| error_message | str | - |
| profile_name | str | - |
| object_name | str | - |
| pathname | str | - |
| username | str | - |
| roles | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
firewall.juniper.system

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| product | str | - |
| devModel | str | - |
| devId0 | str | - |
| severity | str | - |
| type | int4 | - |
| message | str | - |
| hostchain | str | ✓ |
| tag | str | ✓ |
| rawMessage | str | ✓ |
firewall.juniper.traffic

| Field | Type | Extra Label |
|---|---|---|
| eventdate | timestamp | - |
| machine | str | - |
| product | str | - |
| devModel | str | - |
| devId | str | - |
| severity | str | - |
| type | int4 | - |
| startTime | timestamp | - |
| duration | int4 | - |
| policyId | int8 | - |
| service | str | - |
| protocol | int4 | - |
| protoStr | str | - |
| srcZone | str | - |
| dstZone | str | - |
| action | str | - |
| cliPkts | int4 | - |
| bytesSend | int8 | - |
| srvPkts | int4 | - |
| bytesRecv | int8 | - |
| srcIp | ip4 | - |
| srcIp_str | str | - |
| dstIp | ip4 | - |
| srcPort | int4 | - |
| dstPort | int4 | - |
| icmpType | int4 | - |
| icmpCode | int4 | - |
| sessionId | int8 | - |
| srcXIp | ip4 | - |
| srcXPort | int4 | - |
| dstXIp | ip4 | - |
| dstXPort | int4 | - |
| reason | str | - |
| version | str | - |
| pid | str | - |
| natConnetionTag | str | - |
| srcNatRuleType | str | - |
| srcNatRule | str | - |
| dstNatRuleType | str | - |
| dstNatRule | str | - |
| srcNatIp | ip4 | - |
| dstNatIp | ip4 | - |
| policy | str | - |
| user | str | - |
| roles | str | - |
| iface | str | - |
| app | str | - |
| app2 | str | - |
| encrypted | str | - |
| structuredData | str | - |
| unknown | str | - |
| rawMessage | str | ✓ |
| hostchain | str | ✓ |
| tag | str | ✓ |