Juniper Network Security Manager¶
Description¶
Constructor : Juniper
Product : Network Security Manager
Log type(s) : N/A
Log sample¶
1 | <185>Jan 22 10:52:41 10.10.10.10 20150122, 5518874, 2015/01/22 09:52:36, 2015/01/22 09:52:35, global, 1, fietspomp, 10.10.10.10, traffic, traffic log, global, (NULL), 10.10.10.10, 1234, 10.10.10.10, 1234, global, (NULL), 10.10.10.10, 1234, 10.10.10.10, 1234, udp, global, 1, fietspomp, fw/vpn, 12, 32, accepted, info, no, Creation, (NULL), (NULL), (NULL), 0, 0, 0, 0, 0, 0, 0, 1, no, 0, Not Set, sos |
Fields normalization¶
Mandatory :
| Normalized fields | Parsed fields |
|---|---|
| [obs][ts] | [juniper][time_generated] |
| [obs][host][name | [juniper][device] |
| [obs][host][ip] | [juniper][device_ip] |
| [init][host][net] | [juniper][source_zone] |
| [init][host][if] | [juniper][source_interface] |
| [init][host][ip] | [juniper][source_ip] |
| [init][host][port] | [juniper][source_port] |
| [init][host][nat][ip] | [juniper][nat_src_ip] |
| [init][host][nat][port] | [juniper][nat_src_port] |
| [target][host][net] | [juniper][destination_zone] |
| [target][host][if] | [juniper][destination_interface] |
| [target][host][ip] | [juniper][destination_ip] |
| [target][host][port] | [juniper][destination_port] |
| [target][host][nat][ip] | [juniper][nat_dst_ip] |
| [target][host][nat][port] | [juniper][nat_dst_port] |
| [app][proto][name] | [juniper][protocol] |
| [session][duration] | [juniper][elapsed_secs] |
| [session][out][byte] | [juniper][bytes_out] |
| [session][in][byte] | [juniper][bytes_in] |
| [session][in][packet] | [juniper][packets_in] |
| [session][out][packet] | [juniper][packets_out] |
| alarm][name] | [juniper][category] + [juniper][action] |