Log Field Description
This section describes the log fields interconnected with LTS.
Attack Event Logs
|
Field |
Type |
Description |
|---|---|---|
|
src_ip |
string |
Source IP address |
|
src_port |
string |
Source port number |
|
dst_ip |
string |
Destination IP address |
|
dst_port |
string |
Destination port number |
|
protocol |
string |
Protocol type |
|
app |
string |
Application type |
|
src_region_name |
string |
Source region name |
|
src_region_id |
string |
Source region ID |
|
dst_region_name |
string |
Destination region name |
|
dst_region_id |
string |
Destination region ID |
|
log_type |
string |
Log type.
|
|
vsys |
long |
Firewall protection direction.
|
|
direction |
string |
Traffic direction.
|
|
action |
string |
Response action of the firewall.
|
|
packet |
string |
Original data packet of the attack log.
NOTE:
The encoding format is Base64. |
|
attack_rule |
string |
Defense rule that works for the detected attack |
|
attack_rule_id |
string |
ID of the defense rule that works for the detected attack |
|
attack_type |
string |
Type of the attack.
|
|
level |
string |
Level of detected threats.
|
|
source |
string |
Defense for the detected attack.
|
|
event_time |
long |
Attack time |
Access Control Logs
|
Field |
Type |
Description |
|---|---|---|
|
rule_id |
string |
ID of the triggering rule |
|
src_ip |
string |
Source IP address |
|
src_port |
string |
Source port number |
|
dst_ip |
string |
Destination IP address |
|
dst_port |
string |
Destination port number |
|
src_region_name |
string |
Source region name |
|
src_region_id |
string |
Source region ID |
|
dst_region_name |
string |
Destination region name |
|
dst_region_id |
string |
Destination region ID |
|
log_type |
string |
Log type.
|
|
dst_host |
string |
Destination domain name |
|
vsys |
long |
Firewall protection direction.
|
|
protocol |
string |
Protocol type |
|
app |
string |
Application type |
|
direction |
string |
Traffic direction.
|
|
action |
string |
Response action of the firewall.
|
|
hit_time |
long |
Time of an access |
Traffic Logs
|
Field |
Type |
Description |
|---|---|---|
|
src_ip |
string |
Source IP address |
|
src_port |
string |
Source port number |
|
dst_ip |
string |
Destination IP address |
|
dst_port |
string |
Destination port number |
|
protocol |
string |
Protocol type |
|
app |
string |
Application type |
|
direction |
string |
Traffic direction.
|
|
action |
string |
Response action of the firewall.
|
|
src_region_name |
string |
Source region name |
|
src_region_id |
string |
Source region ID |
|
src_vpc |
string |
ID of the VPC that the source IP address belongs to |
|
dst_region_name |
string |
Destination region name |
|
dst_region_id |
string |
Destination region ID |
|
dst_vpc |
string |
ID of the VPC that the destination IP address belongs to |
|
log_type |
string |
Log type.
|
|
dst_host |
string |
Destination domain name |
|
vsys |
long |
Firewall protection direction.
|
|
hit_time |
long |
Time of an access |
|
to_s_bytes |
long |
Number of bytes sent from the client to the server |
|
to_c_bytes |
long |
Number of bytes sent from the server to the client |
|
to_s_pkts |
long |
Number of packets sent from the client to the server |
|
to_c_pkts |
long |
Number of packets sent from the server to the client |
|
bytes |
long |
Number of bytes of the protected traffic |
|
packets |
long |
Number of packets in the protected traffic |
|
start_time |
long |
Stream start time |
|
end_time |
long |
Stream end time |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
