Document toolboxDocument toolbox

Firewall systems

Owned by Juan Tomás Alonso Nieto (Deactivated)
Jul 06, 2022
3 min read

This group includes tags that start with the level firewall. These tags identify data generated by firewall services.

Company

Product/Service

Data tables

Company

Product/Service

Data tables

Barracuda firewall

  • firewall.barracuda.audit

image2021-6-15_11-33-6.png

Check Point Firewall

 

 

 

Check Point GAiA

 

 

 

Check Point OPSEC LEA

 

 

Check Point Log Exporter

  • firewall.checkpoint.fw

More info about these parsers

 

 

  • firewall.checkpoint.gaia

More info about these parsers

 

 

  • firewall.checkpoint.lea

More info about these parsers

 

 

Cisco ASA

This technology is also supported in CEF via syslog.

 

 

 

Cisco Firepower Management Center

 

 

Cisco Firepower Threat Defense

 

 

 

Cisco Firewall Services Module

 

 

 

Cisco PIX 

  • firewall.cisco.asa

More info about these parsers

 

 

 

  • firewall.cisco.fmc

More info about these parsers

 

 

  • firewall.cisco.ftd

More info about these parsers

 

 

  • firewall.cisco.fwsm

More info about these parsers

 

  • firewall.cisco.pix

More info about these parsers

Fortinet FortiGate (FortiOS Traffic, Security, and Event logs)

This technology is also supported in CEF via syslog.

  • firewall.fortinet.anomaly.anomaly

  • firewall.fortinet.event.admin

  • firewall.fortinet.event.config

  • firewall.fortinet.event.dhcp

  • firewall.fortinet.event.dns

  • firewall.fortinet.event.ha

  • firewall.fortinet.event.his-performance

  • firewall.fortinet.event.ipsec

  • firewall.fortinet.event.pattern

  • firewall.fortinet.event.perf.historical

  • firewall.fortinet.event.sslvpn-session

  • firewall.fortinet.event.sslvpn-user

  • firewall.fortinet.event.system

  • firewall.fortinet.event.user

  • firewall.fortinet.event.vpn

  • firewall.fortinet.event.wireless

  • firewall.fortinet.ips.anomaly

  • firewall.fortinet.traffic.forward

  • firewall.fortinet.traffic.local

  • firewall.fortinet.traffic.multicast

  • firewall.fortinet.traffic.other

  • firewall.fortinet.traffic.violation

  • firewall.fortinet.utm.app-ctrl

  • firewall.fortinet.utm.emailfilter

  • firewall.fortinet.utm.ips

  • firewall.fortinet.utm.virus

  • firewall.fortinet.utm.webfilter

More info about these parsers

Huawei firewall

  • firewall.huawei.ngfw.aaa

  • firewall.huawei.ngfw.cm

  • firewall.huawei.ngfw.fw-log

  • firewall.huawei.ngfw.ifnet

  • firewall.huawei.ngfw.ifpdt

  • firewall.huawei.ngfw.info

  • firewall.huawei.ngfw.module

  • firewall.huawei.ngfw.mstp

  • firewall.huawei.ngfw.ntp

  • firewall.huawei.ngfw.sec

  • firewall.huawei.ngfw.shell

  • firewall.huawei.ngfw.spr

  • firewall.huawei.ngfw.ssh

More info about these parsers

 

Juniper Integrated Services Gateway

 

 

 

 

 

 

 

 

 

Juniper Network & Security Manager

This technology is also supported in CEF via syslog.

 

 

 

 

Juniper SRX-series Firewalls

 

 

 

 

 

Juniper Secure Services Gateway

  • firewall.juniper.isg.system

  • firewall.juniper.isg.traffic

  • firewall.juniper.srx.idp

  • firewall.juniper.srx.probe

  • firewall.juniper.srx.system

  • firewall.juniper.srx.traffic

  • firewall.juniper.srx.utm

  • firewall.juniper.ssg.system

  • firewall.juniper.ssg.traffic

More info about these parsers

 

 

  • firewall.juniper.nsm.traffic

More info about these parsers

 

 

 

  • firewall.juniper.srx.idp 

  • firewall.juniper.srx.probe

  • firewall.juniper.srx.system

  • firewall.juniper.srx.traffic

  • firewall.juniper.srx.utm

More info about these parsers

 

 

  • firewall.juniper.ssg.system

  • firewall.juniper.ssg.traffic

More info about these parsers

 

Cisco Meraki Firewall

  • firewall.meraki.events

  • firewall.meraki.flows

  • firewall.meraki.idsAlerts

  • firewall.meraki.urls

 

Linux kernel firewall - iptables

  • firewall.iptables.std

 

Microsoft Windows Firewall

  • firewall.windows.stdout

More info about these parsers

 

Palo Alto Networks Firewall

  • firewall.paloalto.config

  • firewall.paloalto.system

  • firewall.paloalto.threat

  • firewall.paloalto.traffic

  • firewall.paloalto.correlation

  • firewall.paloalto.hipmatch

  • firewall.paloalto.url

  • firewall.paloalto.userid

More info about these parsers

 

pfSense Firewall

  • firewall.pfsense.everything

  • firewall.pfsense.filterlog

  • firewall.pfsense.firewall

  • firewall.pfsense.system

More info about these parsers

 

SonicWall Firewall (SonicOS)

  • firewall.sonicwall.general

  • firewall.sonicwall.genv58

More info about these parsers

 

Sophos UTM

Sophos XG Firewall

  • firewall.sophos.general.system

  • firewall.sophos.securemail.smtp

  • firewall.sophos.securenet.ips

  • firewall.sophos.securenet.packetfilter

  • firewall.sophos.securenet.vpn

  • firewall.sophos.secureweb.eplog

  • firewall.sophos.secureweb.http

  • firewall.sophos.system.auth

  • firewall.sophos.system.confd

  • firewall.sophos.system.eplog

  • firewall.sophos.system.epsecd

  • firewall.sophos.system.ha 

  • firewall.sophos.system.loadbalancing

  • firewall.sophos.system.red

  • firewall.sophos.system.up2date

  • firewall.sophos.system.wifi

  • firewall.sophos.xgfirewall.contentfiltering

  • firewall.sophos.xgfirewall.fw

  • firewall.sophos.xgfirewall.general

  • firewall.sophos.xgfirewall.wirelessprotection

  • firewall.sophos.xgfirewall.contentfiltering

  • firewall.sophos.xgfirewall.fw

  • firewall.sophos.xgfirewall.general

  • firewall.sophos.xgfirewall.wirelessprotection

More info about these parsers

 

StoneGate Firewall - Forcepoint NGFW

  • firewall.stonegate.ips

  • firewall.stonegate.leef

  • firewall.stonegate.xml

More info about these parsers

WatchGuard Security

  • firewall.watchguard.traffic