firewall.velocloud
- Former user (Deleted)
- Juan Tomás Alonso Nieto (Deactivated)
Introduction
Tags beginning with firewall.velocloud identify events generated by VeloCloud.
Tag structure
The full tag must have 3 levels. The first two are fixed as firewall.velocloud. The third level identifies the type of events sent.
Product / Service | Tags | Data tables |
|---|---|---|
VeloCloud Firewall |
|
|
Table structure
These are the fields displayed in this table:
firewall.velocloud.traffic
Field | Type | Field transformation | Source field name | Extra fields |
|---|---|---|---|---|
eventdate |
| Â | Â | Â |
host |
| Â | vhost | Â |
sid |
| Â | Â | Â |
sessionID |
| Â | id | Â |
segmentObjectId |
| Â | Â | Â |
ruleLogicalId |
| Â | Â | Â |
interface |
| Â | Â | Â |
protocol |
| Â | Â | Â |
srcIp |
| Â | sourceIp | Â |
srcPort |
| Â | sourcePort | Â |
dstIp |
| Â | destIp | Â |
dstPort |
| Â | destPort | Â |
dest_name |
| Â | sdwanDestination | Â |
action |
| Â | Â | Â |
application |
| Â | Â | Â |
durationSecs |
| Â | Â | Â |
bytesSent |
| Â | Â | Â |
bytesReceived |
| Â | Â | Â |
reason |
| Â | Â | Â |
nat_src |
| Â | Â | Â |
nat_spt |
| Â | Â | Â |
svlan |
| Â | Â | Â |
dvlan |
| Â | Â | Â |
dstDomain |
| Â | Â | Â |
fwPolicyName |
| Â | Â | Â |
eventName |
| (isnull(action) ? "null" : action) + "_" + (isnull(protocol) ? "null" : protocol) + "_" + (isnull(reason) ? "null" : reason) | reason protocol action | Â |
hostchain |
|  |  | ✓ |
tag |
|  |  | ✓ |
rawMessage |
| Â | Â | Â |