Document toolboxDocument toolbox

firewall.barracuda

Introduction

The tags beginning with firewall.barracuda identify events generated by Barracuda Networks.

Valid tags and data tables 

The full tag must have 3 levels. The first two are fixed as firewall.barracuda. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Barracuda Firewall

firewall.barracuda.audit

firewall.barracuda.audit

For more information, read more About Devo tags.

Table structure

These are the fields displayed in this table:

firewall.barracuda.audit

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

machine

str

vmachine

 

serverdate

timestamp

 

 

operation

str

 

 

type

str

 

 

logType

str

 

 

InputIF

str

 

 

proto

str

 

 

action

str

 

 

srcIp

str

 

 

srcPort

int8

 

 

dstIp

str

 

 

dstPort

int8

 

 

dstService

str

 

 

Status_code

int8

 

 

operationType

str

 

 

srcIp2

str

 

 

srcPort2

int8

 

 

dstIp2

str

 

 

dstPort2

int8

 

 

OutputIF

str

 

 

SCR_MAC

str

 

 

duration

int8

 

 

inBytes

int8

 

 

inPkts

int8

 

 

outBytes

int8

 

 

outPkts

int8

 

 

totalBytes

int8

 

 

hostchain

str

 

✓

tag

str

 

✓

rawMessage

str

rawSource

✓