| SR. No. | DATA FIELDS | TYPE | DESCRIPTION |
|---|---|---|---|
| 1. | Date | date | For the dropped traffic - the date when the packet was dropped by Cyberoam |
| 2. | Time | time | Time (hh:mm:ss) when the event occurred. For the allowed traffic - the time when the connection was started on Cyberoam. For the dropped traffic - the time when the packet was dropped by Cyberoam |
| 3. | Device Name | string | Model Number of the Cyberoam Appliance |
| 4. | Device Id | string | Unique Identifier of the Cyberoam Appliance |
| 5. | Log Id | string | Unique 7 characters code (c1c2c3c4c5c6c7) e.g. 0101011, 0102011. c1c2 represents Log Type e.g. 01. c3c4 represents Log Component e.g. Firewall, local ACL. c5c6 represents Log Sub Type e.g. allow, violation |
| 4. | Log Type | string | |
| 5. | Log Component | string | 08 Fragmented traffic: Event when any fragmented traffic is dropped due to Advanced Firewall settings. Refer to Console Guide Page no. 59 for more details. |
| 6. | Log Sub Type | string | Decision taken on traffic. Possible values: 01 Allowed: Traffic permitted to and through Cyberoam based on the firewall rule settings. 02 Violation: Traffic dropped based on the firewall rule settings, local ACL settings, DOS settings or due to invalid traffic. |
| 7. | Status | string | Ultimate state of traffic (accept/deny) |
| 8. | Priority | string | Severity level of traffic. Possible values: 01 Notice |
| 9. | Duration | integer | Durability of traffic |
| 10. | Firewall Rule ID | integer | Firewall rule id of traffic |
| 11. | User | string | User Id |
| 12. | User Group | string | Group Id of user |
| 13. | IAP | integer | Internet Access policy Id applied for traffic |
| 14. | In Interface | string | Interface for incoming traffic e.g. eth0 |
| 15. | Out Interface | string | |
| 16. | Source IP | string | |
| 17. | Destination IP | string | |
| 18. | Protocol | integer | |
| 19. | Source Port | integer | |
| 20. | Destination Port | integer | |
| 21. | ICMP Type | integer | |
| 22. | ICMP Code | integer | |
| 23. | Sent Packets | integer | |
| 24. | Received Packets | integer | |
| 25. | Sent Bytes | integer | |
| 26. | Received Bytes | integer | |
| 27. | Translated Source IP | integer | |
| 28. | Translated Source Port | integer | |
| 29. | Translated Destination IP | integer | |
| 30. | Translated Destination Port | integer | |
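The Log Id layout described in the table can be decoded mechanically when triaging firewall logs. The following is an added example, not code from the Cyberoam documentation: it maps only the codes this page lists (Log Component 08, Log Sub Type 01 and 02) and returns raw digits for everything else. The function names and the sample ids beyond the page's two examples are assumptions, and the meaning of c7 is not given on the page.

```python
import re
from collections import Counter

# Only the codes this page documents; anything else is reported as raw digits.
LOG_COMPONENT = {"08": "Fragmented traffic"}
LOG_SUB_TYPE = {"01": "Allowed", "02": "Violation"}

# ASCII digits only: \d would also accept non-ASCII Unicode digits.
_LOG_ID = re.compile(r"[0-9]{7}")


def decode_log_id(log_id):
    """Split a 7-character Log Id (c1..c7) into the parts the table describes."""
    if not isinstance(log_id, str) or not _LOG_ID.fullmatch(log_id):
        raise ValueError(f"not a 7-digit Log Id: {log_id!r}")
    component, sub_type = log_id[2:4], log_id[4:6]
    return {
        "log_type": log_id[0:2],                          # c1c2
        "log_component": component,                       # c3c4
        "log_component_name": LOG_COMPONENT.get(component),
        "log_sub_type": sub_type,                         # c5c6
        "log_sub_type_name": LOG_SUB_TYPE.get(sub_type),
        "c7": log_id[6],                                  # meaning not given on the page
    }


def violations_by_component(log_ids):
    """Count Violation (sub type 02) events per Log Component code.

    Returns (counts, rejected); rejected holds ids that failed validation,
    so malformed records are surfaced instead of silently dropped.
    """
    counts, rejected = Counter(), []
    for raw in log_ids:
        try:
            parts = decode_log_id(raw.strip())
        except ValueError:
            rejected.append(raw)
            continue
        if parts["log_sub_type_name"] == "Violation":
            counts[parts["log_component"]] += 1
    return dict(counts), rejected


# Constructed sample: the first two ids are the page's own examples,
# the rest are made up (the last two are deliberately malformed).
SAMPLE = ["0101011", "0102011", "0108021", "0108021", "0102021", "010802", "01O8021"]

if __name__ == "__main__":
    for lid in SAMPLE[:3]:
        print(lid, decode_log_id(lid))
    print(violations_by_component(SAMPLE))
```

Ids that fail validation are returned separately because a truncated or corrupted Log Id in a feed usually indicates a parsing or transport problem worth investigating on its own.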
Invalid traffic
Cyberoam defines the following traffic as invalid traffic:
Short IP Packet
IP Packets with bad IP checksum
IP Packets with invalid header and/or data length
Truncated/malformed IP packet
Packets of FTP-bounce attack
Short ICMP packet
ICMP packets with bad ICMP checksum
ICMP packets with wrong ICMP type/code
Short UDP packet
Truncated/malformed UDP packet