
FW log entry - what is "Rule Type" and/or "policy_type"?

Setup

  • XG software: SFVH (SFOS 17.0.0 GA)

Question

In both the GUI and syslogs, FW log entries have a "policy_type" field. I have searched the Net and the XG documentation all to no avail - this field is not defined anywhere I've looked.

Can someone explain what this field means?

The following is the same entry from syslog - I think the same field is called "policy_type" as opposed to "Rule Type" as is found in the GUI log:

Dec  8 12:46:03 192.168.5.212 device="SFW" date=2017-12-08 time=12:46:03 timezone="PST" device_name="SFVH" device_id=[ DEVICE_ID_MASKED ] log_id=010102600002 log_type="Firewall" log_component="Firewall Rule" log_subtype="Denied" status="Deny" priority=Information duration=0 fw_rule_id=3 policy_type=2 user_name="" user_gp="" iap=2 ips_policy_id=0 appfilter_policy_id=0 application="" application_risk=0 application_technology="" application_category="" in_interface="Port1" out_interface="" src_mac=[ MAC_MASKED ] src_ip=192.168.5.11 src_country_code= dst_ip=75.75.75.75 dst_country_code= protocol="UDP" src_port=40259 dst_port=53 sent_pkts=0  recv_pkts=0 sent_bytes=0 recv_bytes=0 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="" srczone="" dstzonetype="" dstzone="" dir_disp="" connid="" vconnid="" hb_health="No Heartbeat" message="" appresolvedby="Signature"
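
One way to compare the syslog `policy_type` value with what the GUI shows as "Rule Type" is to tabulate it per `fw_rule_id` across many entries. The following is an added example, not part of the original post and not Sophos code; the sample lines are constructed in the layout of the entry above, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample lines in the key=value layout of the entry quoted above
# (shortened; addresses, rule ids and values are made up for this example).
SAMPLE = [
    'Dec  8 12:46:03 192.0.2.1 device="SFW" device_id=[ DEVICE_ID_MASKED ] '
    'log_type="Firewall" log_subtype="Denied" fw_rule_id=3 policy_type=2 '
    'user_name="" src_country_code= dst_ip=198.51.100.7 protocol="UDP" dst_port=53',
    'Dec  8 12:46:09 192.0.2.1 device="SFW" device_id=[ DEVICE_ID_MASKED ] '
    'log_type="Firewall" log_subtype="Denied" fw_rule_id=3 policy_type=2 '
    'user_name="" src_country_code= dst_ip=198.51.100.8 protocol="UDP" dst_port=53',
    'Dec  8 12:47:01 192.0.2.1 device="SFW" device_id=[ DEVICE_ID_MASKED ] '
    'log_type="Firewall" log_subtype="Allowed" fw_rule_id=5 policy_type=1 '
    'user_name="" src_country_code= dst_ip=198.51.100.9 protocol="TCP" dst_port=443',
    'Dec  8 12:47:10 192.0.2.1 unrelated syslog message without fields',
]

# A value is a quoted string, a bracketed mask such as [ DEVICE_ID_MASKED ],
# or a bare token that may be empty (src_country_code= in the entry above).
FIELD = re.compile(r'(?<!\S)(\w+)=("[^"]*"|\[[^\]]*\]|\S*)')

def parse_entry(line):
    """Return the key=value fields of one log line as a dict of strings."""
    fields = {}
    for key, raw in FIELD.findall(line):
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            raw = raw[1:-1]  # strip the surrounding quotes only
        fields[key] = raw
    return fields

def tabulate(lines):
    """Count firewall entries per (fw_rule_id, policy_type, log_subtype)."""
    counts = Counter()
    for line in lines:
        f = parse_entry(line)
        if f.get("log_type") != "Firewall":
            continue  # skips non-firewall lines and lines with no fields
        key = (f.get("fw_rule_id"), f.get("policy_type"), f.get("log_subtype"))
        counts[key] += 1
    return counts

if __name__ == "__main__":
    for (rule, ptype, subtype), n in sorted(tabulate(SAMPLE).items()):
        print(f"fw_rule_id={rule} policy_type={ptype} {subtype}: {n}")
```

Running this over a real syslog file gives one row per rule, which can be set beside the "Rule Type" column of the same rule in the GUI log.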


