firewall.vyatta
Introduction
Tags beginning with firewall.vyatta identify events generated by VyOS.
Tag structure
The full tag must have 3 levels. The first two are fixed as firewall.vyatta. The third level identifies the type of events sent.
Product / Service | Tags | Data tables |
---|---|---|
Vyatta Firewall | | |
How is the data sent to Devo?
First, enable logging: https://docs.vyos.io/en/latest/configuration/system/syslog.html#display-logs. VyOS logs may be sent without defining a relay rule.
Table structure
These are the fields displayed in these tables:
firewall.vyatta.session_table
Field | Type | Extra fields |
---|---|---|
eventdate | | |
serverdate_str | | |
origin_host | | |
service_name | | |
service_tag | | |
service_pid | | |
unknown_field_1 | | |
unknown_field_2 | | |
session_id | | |
session_status | | |
protocol | | |
protocol_id | | |
timeout | | |
src_ip | | |
src_port | | |
dst_ip | | |
dst_port | | |
ifname | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |
firewall.vyatta.traffic
Field | Type | Extra fields |
---|---|---|
eventdate | | |
serverdate_str | | |
origin_host | | |
service_name | | |
service_tag | | |
service_pid | | |
unknown_field_1 | | |
unknown_field_2 | | |
traffic_direction | | |
ifname | | |
action | | |
rule_type | | |
rule_name | | |
rule_number | | |
protocol | | |
protocol_id | | |
src_ip | | |
dst_ip | | |
src_port | | |
dst_port | | |
v4_len | | |
v4_ttl | | |
v4_tos | | |
v4_ecn | | |
v4_prot | | |
v4_hl | | |
tcp_flags | | |
tcp_res | | |
tcp_doff | | |
tcp_seq | | |
tcp_ack | | |
tcp_win | | |
tcp_urgp | | |
hostchain | | ✓ |
tag | | ✓ |
rawMessage | | ✓ |