Browse log data
Copies of the most recent log and alert entries are stored on the NGFW Engine.
Steps
Example
| Option | Definition |
|---|---|
| Kind | The type of policy that triggered the log event. |
| Creation Time | Log entry creation time. |
| Component ID | The identifier of the creator of the log entry. |
| Event ID | Event identifier, unique within one sender. |
| Sender | IP address of the NGFW Engine that sent the log entry. |
| Information Message | A description of the log event that further explains the entry. |
| Facility | The NGFW Engine subsystem that generated the log event. |
| Type | Log entry severity type. |
| Action | Action of the rule that triggered the log event. The action values are Allow, Discard, Refuse, Terminate, Wait for further actions, and Wait for authentication. |
| Rule Tag | Rule tag of the rule that triggered the log event. |
| Src Addr | Packet source IP address. |
| Dst Addr | Packet destination IP address. |
| Src Port | TCP or UDP source port in the packet header. |
| Dst Port | TCP or UDP destination port in the packet header. |
| IP Protocol | IP protocol of the traffic that generated the log event. |
| IP Version | Version field value in the IP header. |
| Event | The event that triggered the log creation, for example, New connection, Connection closed, or Connection discarded. |
| Situation | The identifier of the situation that triggered the log event. |
| Syslog | Syslog is a system service used in some operating systems (for example, UNIX) and in some software packages. For more information about syslog and syslog types, see RFC 3164. |
| Daemon | The name of the daemon that generated the log event. |