
Firewall systems

This group includes tags whose first level is firewall. These tags identify data generated by firewall services.

Company

Product/Service

Data tables

Barracuda firewall

  • firewall.barracuda.audit



Check Point Firewall

Check Point GAiA

Check Point OPSEC LEA

Check Point Log Exporter

  • firewall.checkpoint.fw

More info about these parsers

  • firewall.checkpoint.gaia

More info about these parsers

  • firewall.checkpoint.lea

More info about these parsers


Cisco ASA

This technology is also supported in CEF via syslog.

  • firewall.cisco.asa

More info about these parsers

Cisco Firepower Management Center

  • firewall.cisco.fmc

More info about these parsers

Cisco Firepower Threat Defense

  • firewall.cisco.ftd

More info about these parsers

Cisco Firewall Services Module

  • firewall.cisco.fwsm

More info about these parsers

Cisco PIX

  • firewall.cisco.pix

More info about these parsers


Fortinet FortiGate (FortiOS Traffic, Security, and Event logs)

This technology is also supported in CEF via syslog.

  • firewall.fortinet.anomaly.anomaly

  • firewall.fortinet.event.admin

  • firewall.fortinet.event.config

  • firewall.fortinet.event.dhcp

  • firewall.fortinet.event.dns

  • firewall.fortinet.event.ha

  • firewall.fortinet.event.his-performance

  • firewall.fortinet.event.ipsec

  • firewall.fortinet.event.pattern

  • firewall.fortinet.event.perf.historical

  • firewall.fortinet.event.sslvpn-session

  • firewall.fortinet.event.sslvpn-user

  • firewall.fortinet.event.system

  • firewall.fortinet.event.user

  • firewall.fortinet.event.vpn

  • firewall.fortinet.event.wireless

  • firewall.fortinet.ips.anomaly

  • firewall.fortinet.traffic.forward

  • firewall.fortinet.traffic.local

  • firewall.fortinet.traffic.multicast

  • firewall.fortinet.traffic.other

  • firewall.fortinet.traffic.violation

  • firewall.fortinet.utm.app-ctrl

  • firewall.fortinet.utm.emailfilter

  • firewall.fortinet.utm.ips

  • firewall.fortinet.utm.virus

  • firewall.fortinet.utm.webfilter

More info about these parsers


Huawei firewall

  • firewall.huawei.ngfw.aaa

  • firewall.huawei.ngfw.cm

  • firewall.huawei.ngfw.fw-log

  • firewall.huawei.ngfw.ifnet

  • firewall.huawei.ngfw.ifpdt

  • firewall.huawei.ngfw.info

  • firewall.huawei.ngfw.module

  • firewall.huawei.ngfw.mstp

  • firewall.huawei.ngfw.ntp

  • firewall.huawei.ngfw.sec

  • firewall.huawei.ngfw.shell

  • firewall.huawei.ngfw.spr

  • firewall.huawei.ngfw.ssh

More info about these parsers


 

Juniper Integrated Services Gateway

  • firewall.juniper.isg.system

  • firewall.juniper.isg.traffic

  • firewall.juniper.srx.idp

  • firewall.juniper.srx.probe

  • firewall.juniper.srx.system

  • firewall.juniper.srx.traffic

  • firewall.juniper.srx.utm

  • firewall.juniper.ssg.system

  • firewall.juniper.ssg.traffic

More info about these parsers

Juniper Network & Security Manager

This technology is also supported in CEF via syslog.

  • firewall.juniper.nsm.traffic

More info about these parsers

Juniper SRX-series Firewalls

  • firewall.juniper.srx.idp

  • firewall.juniper.srx.probe

  • firewall.juniper.srx.system

  • firewall.juniper.srx.traffic

  • firewall.juniper.srx.utm

More info about these parsers

Juniper Secure Services Gateway

  • firewall.juniper.ssg.system

  • firewall.juniper.ssg.traffic

More info about these parsers


 

Cisco Meraki Firewall

  • firewall.meraki.events

  • firewall.meraki.flows

  • firewall.meraki.idsAlerts

  • firewall.meraki.urls


 

Linux kernel firewall - iptables

  • firewall.iptables.std


 

Microsoft Windows Firewall

  • firewall.windows.stdout

More info about these parsers


 

Palo Alto Networks Firewall

  • firewall.paloalto.config

  • firewall.paloalto.system

  • firewall.paloalto.threat

  • firewall.paloalto.traffic

  • firewall.paloalto.correlation

  • firewall.paloalto.hipmatch

  • firewall.paloalto.url

  • firewall.paloalto.userid

More info about these parsers


 

pfSense Firewall

  • firewall.pfsense.everything

  • firewall.pfsense.filterlog

  • firewall.pfsense.firewall

  • firewall.pfsense.system

More info about these parsers


 

SonicWall Firewall (SonicOS)

  • firewall.sonicwall.general

  • firewall.sonicwall.genv58

More info about these parsers


 

Sophos UTM

Sophos XG Firewall

  • firewall.sophos.general.system

  • firewall.sophos.securemail.smtp

  • firewall.sophos.securenet.ips

  • firewall.sophos.securenet.packetfilter

  • firewall.sophos.securenet.vpn

  • firewall.sophos.secureweb.eplog

  • firewall.sophos.secureweb.http

  • firewall.sophos.system.auth

  • firewall.sophos.system.confd

  • firewall.sophos.system.eplog

  • firewall.sophos.system.epsecd

  • firewall.sophos.system.ha 

  • firewall.sophos.system.loadbalancing

  • firewall.sophos.system.red

  • firewall.sophos.system.up2date

  • firewall.sophos.system.wifi

  • firewall.sophos.xgfirewall.contentfiltering

  • firewall.sophos.xgfirewall.fw

  • firewall.sophos.xgfirewall.general

  • firewall.sophos.xgfirewall.wirelessprotection

More info about these parsers


 

StoneGate Firewall - Forcepoint NGFW

  • firewall.stonegate.ips

  • firewall.stonegate.leef

  • firewall.stonegate.xml

More info about these parsers


WatchGuard Security

  • firewall.watchguard.traffic