Log Types: CyberGuardFirewallLog
- Leigh Purdie (Unlicensed)
Overview
CyberGuard Firewall is a network security product that provides users with Internet and intranet access control, monitoring and network security.
Sample Events
<163>Aug 3 02:30:11 172.16.8.9 auditlogd: Activity: deny 2004/08/03 02:30:10: D dec2 lo0 192.168.104.10 192.168.104.255 17 137 137
Fields
Field | Description |
|---|---|
DATE | Event date, in the format YYYY-MM-DD |
TIME | Event time, in the format HH:MM:SS |
SYSTEM | The source system |
TABLE | CyberGuardFirewallLog |
ACTION | Â |
PROTO | Note that the cyberguard firewall supports a wider range of ‘protocol’ definitions than most other network devices, and will report protocols such as ETHERIP, AX.25, ISO-IP, ARIS, KRYPTOLAN, and a range of others, in the protocol field. Be cautious attempting to match this field with the protocols provided by other network devices. |
SRCINT | Source interface |
SRCADDR | Source IP address |
SRCPORT | Source Port |
DSTINT | Destination Interface |
DSTADDR | Destination Address |
DSTPORT | Destination Port |