firewall.velocloud
- Former user (Deleted)
- Juan Tomás Alonso Nieto (Deactivated)
Introduction
Tags beginning with firewall.velocloud identify events generated by VeloCloud.
Tag structure
The full tag must have 3 levels. The first two are fixed as firewall.velocloud. The third level identifies the type of events sent.
Product / Service | Tags | Data tables |
|---|---|---|
VeloCloud Firewall |
|
|
Table structure
These are the fields displayed in this table:
firewall.velocloud.traffic
Field | Type | Field transformation | Source field name | Extra fields |
|---|---|---|---|---|
eventdate |
|
|
|
|
host |
|
| vhost |
|
sid |
|
|
|
|
sessionID |
|
| id |
|
segmentObjectId |
|
|
|
|
ruleLogicalId |
|
|
|
|
interface |
|
|
|
|
protocol |
|
|
|
|
srcIp |
|
| sourceIp |
|
srcPort |
|
| sourcePort |
|
dstIp |
|
| destIp |
|
dstPort |
|
| destPort |
|
dest_name |
|
| sdwanDestination |
|
action |
|
|
|
|
application |
|
|
|
|
durationSecs |
|
|
|
|
bytesSent |
|
|
|
|
bytesReceived |
|
|
|
|
reason |
|
|
|
|
nat_src |
|
|
|
|
nat_spt |
|
|
|
|
svlan |
|
|
|
|
dvlan |
|
|
|
|
dstDomain |
|
|
|
|
fwPolicyName |
|
|
|
|
eventName |
| (isnull(action) ? "null" : action) + "_" + (isnull(protocol) ? "null" : protocol) + "_" + (isnull(reason) ? "null" : reason) | reason protocol action |
|
hostchain |
|
|
| ✓ |
tag |
|
|
| ✓ |
rawMessage |
|
|
|
|