Log Field Description¶
This section describes the log fields interconnected with LTS.
Attack Event Logs¶
Field | Type | Description |
|---|---|---|
src_ip | string | Source IP address |
src_port | string | Source port number |
dst_ip | string | Destination IP address |
dst_port | string | Destination port number |
protocol | string | Protocol type |
app | string | Application type |
src_region_name | string | Source region name |
src_region_id | string | Source region ID |
dst_region_name | string | Destination region name |
dst_region_id | string | Destination region ID |
log_type | string | Log type.
|
vsys | long | Firewall protection direction.
|
direction | string | Traffic direction.
|
action | string | Response action of the firewall.
|
packet | string | Original data packet of the attack log. Note The encoding format is Base64. |
attack_rule | string | Defense rule that works for the detected attack |
attack_rule_id | string | ID of the defense rule that works for the detected attack |
attack_type | string | Type of the attack.
|
level | string | Level of detected threats.
|
source | string | Defense for the detected attack.
|
event_time | long | Attack time |
Access Control Logs¶
Field | Type | Description |
|---|---|---|
rule_id | string | ID of the triggering rule |
src_ip | string | Source IP address |
src_port | string | Source port number |
dst_ip | string | Destination IP address |
dst_port | string | Destination port number |
src_region_name | string | Source region name |
src_region_id | string | Source region ID |
dst_region_name | string | Destination region name |
dst_region_id | string | Destination region ID |
log_type | string | Log type.
|
dst_host | string | Destination domain name |
vsys | long | Firewall protection direction.
|
protocol | string | Protocol type |
app | string | Application type |
direction | string | Traffic direction.
|
action | string | Response action of the firewall.
|
hit_time | long | Time of an access |
Traffic Logs¶
Field | Type | Description |
|---|---|---|
src_ip | string | Source IP address |
src_port | string | Source port number |
dst_ip | string | Destination IP address |
dst_port | string | Destination port number |
protocol | string | Protocol type |
app | string | Application type |
direction | string | Traffic direction.
|
action | string | Response action of the firewall.
|
src_region_name | string | Source region name |
src_region_id | string | Source region ID |
src_vpc | string | ID of the VPC that the source IP address belongs to |
dst_region_name | string | Destination region name |
dst_region_id | string | Destination region ID |
dst_vpc | string | ID of the VPC that the destination IP address belongs to |
log_type | string | Log type.
|
dst_host | string | Destination domain name |
vsys | long | Firewall protection direction.
|
hit_time | long | Time of an access |
to_s_bytes | long | Number of bytes sent from the client to the server |
to_c_bytes | long | Number of bytes sent from the server to the client |
to_s_pkts | long | Number of packets sent from the client to the server |
to_c_pkts | long | Number of packets sent from the server to the client |
bytes | long | Number of bytes of the protected traffic |
packets | long | Number of packets in the protected traffic |
start_time | long | Stream start time |
end_time | long | Stream end time |