Log Types: OracleVCNFlowLog
OracleVCNFlowLog Fields and their definitions:
Field Name | Definition |
|---|---|
DATE | The date the log entry was generated. |
TIME | The time the log entry was generated. |
SYSTEM | The IP address of the system collecting or processing the log entry. |
TABLE | The table name. i.e. OracleVCNFlowLogs |
COLLECTIONDATETIME | The timestamp that indicates when the logging system collected the log entry. |
DATAACTION | Action taken on the network traffic (e.g., ACCEPT or REJECT). |
DATADESTINATIONADDRESS | Destination IP address for the traffic flow. |
DATADESTINATIONPORT | The destination port number used in the connection. |
DATAENDTIME | The timestamp when the observed traffic flow ended. |
DATAFLOWID | Unique identifier for a specific traffic flow. |
DATAPACKETS | Number of packets involved in the traffic flow. |
DATAPROTOCOLNAME | Name of the protocol used (e.g., TCP, UDP). |
DATASOURCEADDRESS | Source IP address for the traffic flow. |
DATASOURCEPORT | Source port number used in the connection. |
DATASTARTTIME | The timestamp when the observed traffic flow began. |
DATASTATUS | Status of the flow log entry (e.g., OK, ERROR). |
DATETIME | General timestamp representing the time of the flow event. Often matches DATASTARTTIME. |
ID | Another identifier for the flow log entry; often matches DATAFLOWID. |
ORACLECOMPARTMENTID | OCID (Oracle Cloud Identifier) of the compartment that owns the resource generating the traffic. |
ORACLEINGESTEDTIME | Timestamp when Oracle Logging ingested the flow log data. |
ORACLELOGGROUP | OCID of the Oracle Log Group that contains this log entry. |
ORACLELOGID | OCID of the specific log stream where the log was recorded. |
ORACLETENANTID | OCID of the Oracle tenancy (root identity domain) associated with this log. |
ORACLEVCNOCID | OCID of the Virtual Cloud Network (VCN) involved in the flow. |
ORACLEVNICCOMPARTMENTOCID | OCID of the compartment that contains the VNIC (Virtual Network Interface Card). |
ORACLEVNICOCID | OCID of the VNIC where the flow traffic was observed. |
ORACLEVNICSUBNETOCID | OCID of the subnet associated with the VNIC. |
SNAREDATAMAP | Collection of optional fields collected from OracleVCNFlowLogs |
SNAREORIGINALEVENT | JSON structure of the original event record as received, including field names and values. |
SPECVERSION | Version of the CloudEvents specification used for formatting the event (1.0 in most cases). |
TYPE | The event type name that identifies the nature of the event (com.oraclecloud.vcn.flowlogs.DataEvent). |
The contents of VCN Flow Logs are described in detail in the official Oracle Documentation. Please refer to this as the authoritative source.