Dropped Fragments
Specifies the name and a description of the signature that triggered this event.
Dropped Fragments
Specifies detailed information about dropped fragments in a packet.
Rule Name
Specifies the name of the rule that was used when this event was triggered.
rule
Rule Information
Additional information about the rule that was used when this event was triggered. Certain
parameters may or may not be included, depending on the type of rule. For example, the name of an
authenticated user is only included if this rule contains network objects that has user authentication
information in them.
rule
[satsrcrule]
[satdestrule]
[srcusername]
[destusername]
User Authentication
Additional information about a user authentication event.
authrule
authagent
authevent
username
srcip
Dynamic Route
Additional information about events regarding a dynamic route.
event
Note
For IDP log messages an additional log receiver, an SMTP log receiver, can be
configured. This information is only sent to log receives of that kind, and not included
in the Syslog format.
The name of the rule.
The name of the rule.
The name of the SAT source rule. Valid if the rule action is SAT.
The name of the SAT destination rule. Valid if the rule action is SAT.
The name of the authenticated user in the source network object. Valid if the
source network object has user authentication information.
The name of the authenticated user in the destination network object. Valid if the
destination network object has user authentication information.
The name of the user authentication rule.
The name of the user authentication agent.
The user authentication event that occurred. Possible values: login, logout,
timedout, disallowed_login, accounting and unknown.
The name of the user that triggered this event.
The source IP address of the user that triggered this event.
The dynamic routing event that occurred. Possible values: add, remove, modify,
export, unexport and unknown.
28
Chapter 1. Introduction