This group includes tags that start with the level firewall
. These tags identify data generated by firewall services.
Company | Product / service | Valid tags |
---|
| Barracuda firewall | |
| Check Point Firewall | |
Check Point GAiA | firewall.checkpoint.gaia +info
|
Check Point OPSEC LEA | firewall.checkpoint.lea +info
|
Check Point Log Exporter | firewall.checkpoint.log_exporter +info
|
| Cisco ASA Note |
---|
This technology is also supported in CEF via syslog.+info |
| |
Cisco Firepower Management Center | |
Cisco Firepower Threat Defense | |
Cisco Firewall Services Module Note |
---|
This technology is also supported in CEF via syslog.+info |
| firewall.cisco.fwsm +info
|
Cisco PIX | |
| Fortinet FortiGate (FortiOS Traffic, Security, and Event logs) Note |
---|
This technology is also supported in CEF via syslog.+info |
| firewall.fortinet.anomaly.anomaly +infofirewall.fortinet.event.admin +infofirewall.fortinet.event.config +infofirewall.fortinet.event.dhcp +infofirewall.fortinet.event.dns +infofirewall.fortinet.event.ha +infofirewall.fortinet.event.his-performance +infofirewall.fortinet.event.ipsec +infofirewall.fortinet.event.pattern +infofirewall.fortinet.event.perf.historical +infofirewall.fortinet.event.sslvpn-session +infofirewall.fortinet.event.sslvpn-user +infofirewall.fortinet.event.system +infofirewall.fortinet.event.user +infofirewall.fortinet.event.vpn +infofirewall.fortinet.event.wireless +infofirewall.fortinet.ips.anomaly +infofirewall.fortinet.traffic.forward +infofirewall.fortinet.traffic.local +infofirewall.fortinet.traffic.multicast +infofirewall.fortinet.traffic.other +infofirewall.fortinet.traffic.violation +infofirewall.fortinet.utm.app-ctrl +infofirewall.fortinet.utm.emailfilter +infofirewall.fortinet.utm.ips +infofirewall.fortinet.utm.virus +infofirewall.fortinet.utm.webfilter +info
|
| F5 Networks BIG-IP ASM | firewall.f5.asm
Note |
---|
This parser is deprecated. |
|
| Huawei firewall | firewall.huawei.ngfw.aaa +infofirewall.huawei.ngfw.cm +infofirewall.huawei.ngfw.fw-log +infofirewall.huawei.ngfw.ifnet +infofirewall.huawei.ngfw.ifpdt +infofirewall.huawei.ngfw.info +infofirewall.huawei.ngfw.module +infofirewall.huawei.ngfw.mstp +infofirewall.huawei.ngfw.ntp +infofirewall.huawei.ngfw.sec +infofirewall.huawei.ngfw.shell +infofirewall.huawei.ngfw.spr +infofirewall.huawei.ngfw.ssh +info
|
| Juniper Integrated Services Gateway | firewall.juniper.isg.system +infofirewall.juniper.isg.traffic +infofirewall.juniper.srx.idp +infofirewall.juniper.srx.probe +infofirewall.juniper.srx.system +infofirewall.juniper.srx.traffic +infofirewall.juniper.srx.utm +infofirewall.juniper.ssg.system +infofirewall.juniper.ssg.traffic +info
|
Juniper Network & Security Manager Note |
---|
This technology is also supported in CEF via syslog.+info |
| firewall.juniper.nsm.traffic +info
|
Juniper SRX-series Firewalls | firewall.juniper.srx.idp +infofirewall.juniper.srx.probe +infofirewall.juniper.srx.system +infofirewall.juniper.srx.traffic +infofirewall.juniper.srx.utm +info
|
Juniper Secure Services Gateway | firewall.juniper.ssg.system +infofirewall.juniper.ssg.traffic +info
|
| Cisco Meraki Firewall | firewall.meraki.events firewall.meraki.flows firewall.meraki.idsAlerts firewall.meraki.urls
|
| Linux kernel firewall - iptables | |
| Microsoft Windows Firewall | firewall.windows.stdout +info
|
| Palo Alto Networks Firewall | firewall.paloalto.config +infofirewall.paloalto.system +infofirewall.paloalto.threat +infofirewall.paloalto.traffic +infofirewall.paloalto.correlation firewall.paloalto.hipmatch +infofirewall.paloalto.url +infofirewall.paloalto.userid +info
|
| pfSense Firewall | firewall.pfsense.everything +infofirewall.pfsense.filterlog +infofirewall.pfsense.firewall +infofirewall.pfsense.system +info
|
| SonicWall Firewall (SonicOS) | firewall.sonicwall.general +infofirewall.sonicwall.genv58 +info
|
| Sophos UTM Sophos XG Firewall | firewall.sophos.general.system +infofirewall.sophos.securemail.smtp +infofirewall.sophos.securenet.ips +infofirewall.sophos.securenet.packetfilter +infofirewall.sophos.securenet.vpn +infofirewall.sophos.secureweb.eplog +infofirewall.sophos.secureweb.http +infofirewall.sophos.system.auth +infofirewall.sophos.system.confd +infofirewall.sophos.system.eplog +infofirewall.sophos.system.epsecd +infofirewall.sophos.system.ha +infofirewall.sophos.system.loadbalancing +infofirewall.sophos.system.red +infofirewall.sophos.system.up2date +infofirewall.sophos.system.wifi +infofirewall.sophos.xgfirewall.contentfiltering +infofirewall.sophos.xgfirewall.fw +infofirewall.sophos.xgfirewall.general +infofirewall.sophos.xgfirewall.wirelessprotection +infofirewall.sophos.xgfirewall.contentfiltering +infofirewall.sophos.xgfirewall.fw +infofirewall.sophos.xgfirewall.general +infofirewall.sophos.xgfirewall.wirelessprotection +info
|
| StoneGate Firewall - Forcepoint NGFW | firewall.stonegate.ips +infofirewall.stonegate.leef +infofirewall.stonegate.xml +info
|
| WatchGuard Security | firewall.watchguard.traffic
|
...