Introduction
Tags beginning with firewall.velocloud
identifies events generated by VeloCloud.
Tag structure
The full tag must have 3 levels. The first two are fixed as firewall.velocloud
. The third level identifies the type of events sent.
Product / Service | Tags | Data tables |
---|---|---|
VeloCloud Firewall |
|
|
Table structure
These are the fields displayed in this table:
firewall.velocloud.traffic
Field | Type | Extra fields |
---|---|---|
eventdate |
| |
host |
| |
sessionID |
| |
segmentObjectId |
| |
ruleLogicalId |
| |
interface |
| |
protocol |
| |
srcIp |
| |
srcPort |
| |
dstIp |
| |
dstPort |
| |
dest_name |
| |
action |
| |
application |
| |
durationSecs |
| |
bytesSent |
| |
bytesReceived |
| |
reason |
| |
nat_src |
| |
nat_spt |
| |
svlan |
| |
dvlan |
| |
eventName |
| |
hostchain |
| ✓ |
tag |
| ✓ |
rawMessage |
|