WatchGuard Firebox
编辑WatchGuard Firebox
编辑WatchGuard Firebox 是一种提供网络安全功能的防火墙设备。Firebox 是一种功能强大的网络安全设备,可控制外部网络和受信任网络之间的所有流量。Fireware OS 是在 Firebox 上运行的软件。Fireware 包括一个 Web UI,让您可以轻松管理和监控网络中的每个 Firebox。
数据流
编辑此集成通过 UDP 输入支持从 WatchGuard Firebox 摄取日志。
日志 用于检索 Firebox 生成的日志消息。有关更多详细信息,请参阅 此处 的文档。
要求
编辑必须安装 Elastic Agent。有关更多信息,请参阅 此处 的链接。
安装和管理 Elastic Agent
编辑您有几种安装和管理 Elastic Agent 的选项
安装 Fleet 管理的 Elastic Agent(推荐)
编辑使用此方法,您可以安装 Elastic Agent 并使用 Kibana 中的 Fleet 在中心位置定义、配置和管理您的代理。我们建议使用 Fleet 管理,因为它使您的代理的管理和升级变得更加容易。
以独立模式安装 Elastic Agent(高级用户)
编辑使用此方法,您可以安装 Elastic Agent 并在安装它的系统上本地手动配置代理。您负责管理和升级代理。此方法仅保留给高级用户。
在容器化环境中安装 Elastic Agent
编辑您可以在容器内部运行 Elastic Agent,无论是使用 Fleet Server 还是独立运行。所有版本的 Elastic Agent 的 Docker 镜像均可从 Elastic Docker 注册表中获得,并且我们提供了在 Kubernetes 上运行的部署清单。
运行 Elastic Agent 有一些最低要求,有关更多信息,请参阅 此处 的链接。
最低要求的 Kibana 版本 是 8.13.0。
此模块已针对 Fireware v12.10.3 进行了测试。
设置
编辑按照 设置指南 将 Firebox 日志消息转发到 syslog 服务器。
在 Elastic 中启用集成
编辑- 在 Kibana 中,转到“管理”>“集成”。
- 在“搜索集成”搜索栏中,键入 WatchGuard Firebox。
- 从搜索结果中单击“WatchGuard Firebox”集成。
- 单击“添加 WatchGuard Firebox”按钮以添加集成。
- 根据启用的输入类型,添加所有必需的集成配置参数。
- 单击“保存并继续”以保存集成。
日志参考
编辑日志
编辑这是 Log 数据集。
示例
log 的示例事件如下所示
{
"@timestamp": "2024-01-16T15:19:05.000Z",
"agent": {
"ephemeral_id": "5a9738b6-025a-4df4-861e-1cc1eea5c622",
"id": "7aaba523-565c-4597-bc42-59135436336b",
"name": "docker-fleet-agent",
"type": "filebeat",
"version": "8.13.0"
},
"data_stream": {
"dataset": "watchguard_firebox.log",
"namespace": "76887",
"type": "logs"
},
"destination": {
"bytes": 282,
"geo": {
"city_name": "Changchun",
"continent_name": "Asia",
"country_iso_code": "CN",
"country_name": "China",
"location": {
"lat": 43.88,
"lon": 125.3228
},
"region_iso_code": "CN-22",
"region_name": "Jilin Sheng"
},
"ip": [
"175.16.199.1"
],
"port": [
25
]
},
"ecs": {
"version": "8.11.0"
},
"elastic_agent": {
"id": "7aaba523-565c-4597-bc42-59135436336b",
"snapshot": false,
"version": "8.13.0"
},
"email": {
"sender": {
"address": "[email protected]"
},
"to": {
"address": [
"wg@localhost"
]
}
},
"event": {
"agent_id_status": "verified",
"category": [
"email"
],
"dataset": "watchguard_firebox.log",
"ingested": "2024-08-07T05:26:04Z",
"kind": "event",
"original": "<139>Jan 16 15:19:05 WatchGuard-Firebox FVE6035FD3AE3 (2024-01-19T08:48:15) firewall: msg_id=\"1BFF-000F\" Allow 1-Trusted 0-External tcp 10.0.1.2 175.16.199.1 39398 25 msg=\"SMTP request\" proxy_act=\"SMTP-Outgoing.1\" rcvd_bytes=\"272\" sent_bytes=\"282\" sender=\"[email protected]\" recipients=\"wg@localhost\" server_ssl=\"ECDHE-RSA-AES256-GCMSHA384\" client_ssl=\"AES128-SHA256\" tls_profile=\"TLS-Client.Standard\" (SMTP-proxy-00)",
"outcome": "success",
"timezone": "UTC",
"type": [
"info"
]
},
"input": {
"type": "udp"
},
"log": {
"source": {
"address": "192.168.240.4:51247"
},
"syslog": {
"appname": "firewall",
"hostname": "WatchGuard-Firebox",
"priority": 139
}
},
"network": {
"bytes": 554,
"community_id": "1:jKtS0CPHMiYL+rYXXHskx9Y4Gig=",
"transport": "tcp"
},
"observer": {
"egress": {
"interface": {
"alias": "0-External"
}
},
"hostname": "WatchGuard-Firebox",
"ingress": {
"interface": {
"alias": "1-Trusted"
}
},
"product": "Firebox",
"serial_number": "FVE6035FD3AE3",
"type": "firewall",
"vendor": "WatchGuard"
},
"related": {
"hosts": [
"WatchGuard-Firebox"
],
"ip": [
"10.0.1.2",
"175.16.199.1"
],
"user": [
"wg@localhost",
"[email protected]"
]
},
"rule": {
"name": [
"SMTP-proxy-00"
]
},
"source": {
"bytes": 272,
"ip": [
"10.0.1.2"
],
"port": [
39398
]
},
"tags": [
"preserve_original_event",
"preserve_duplicate_custom_fields",
"forwarded",
"watchguard_firebox-log"
],
"tls": {
"client": {
"supported_ciphers": [
"AES128-SHA256"
]
}
},
"watchguard_firebox": {
"log": {
"bytes_in": 272,
"bytes_out": 282,
"client_ssl": "AES128-SHA256",
"destination_ip": "175.16.199.1",
"destination_ip_geo": {
"city_name": "Changchun",
"continent_name": "Asia",
"country_iso_code": "CN",
"country_name": "China",
"location": {
"lat": 43.88,
"lon": 125.3228
},
"region_iso_code": "CN-22",
"region_name": "Jilin Sheng"
},
"destination_port": 25,
"disposition": "Allow",
"in_interface_name": "1-Trusted",
"log_type": "traffic",
"msg": "SMTP request",
"msg_id": "1BFF-000F",
"out_interface_name": "0-External",
"policy_name": "SMTP-proxy-00",
"proxy_act": "SMTP-Outgoing.1",
"recipients": "wg@localhost",
"sender": "[email protected]",
"serial_number": "FVE6035FD3AE3",
"server_ssl": "ECDHE-RSA-AES256-GCMSHA384",
"source_ip": "10.0.1.2",
"source_port": 39398,
"syslog_timestamp": "2024-01-16T15:19:05.000Z",
"timestamp": "2024-01-19T08:48:15.000Z",
"tls_profile": "TLS-Client.Standard",
"transport": "tcp"
}
}
}
导出的字段
| 字段 | 描述 | 类型 |
|---|---|---|
@timestamp |
事件时间戳。 |
日期 |
data_stream.dataset |
数据流数据集。 |
constant_keyword |
data_stream.namespace |
数据流命名空间。 |
constant_keyword |
data_stream.type |
数据流类型。 |
constant_keyword |
event.dataset |
事件数据集。 |
constant_keyword |
event.module |
事件模块。 |
constant_keyword |
input.type |
filebeat 输入的类型。 |
keyword |
log.offset |
日志偏移量。 |
长整型 |
log.source.address |
从中读取/发送日志事件的源地址。 |
keyword |
watchguard_firebox.log.action |
keyword |
|
watchguard_firebox.log.action_name |
keyword |
|
watchguard_firebox.log.address |
keyword |
|
watchguard_firebox.log.app_beh_id |
keyword |
|
watchguard_firebox.log.app_beh_name |
keyword |
|
watchguard_firebox.log.app_cat_id |
keyword |
|
watchguard_firebox.log.app_cat_name |
keyword |
|
watchguard_firebox.log.app_control_disposition |
keyword |
|
watchguard_firebox.log.app_id |
keyword |
|
watchguard_firebox.log.app_name |
keyword |
|
watchguard_firebox.log.arg |
keyword |
|
watchguard_firebox.log.attachment |
keyword |
|
watchguard_firebox.log.authenticated_user |
keyword |
|
watchguard_firebox.log.authenticated_user_domain |
keyword |
|
watchguard_firebox.log.authentication_method |
keyword |
|
watchguard_firebox.log.authentication_server |
keyword |
|
watchguard_firebox.log.authentication_type |
keyword |
|
watchguard_firebox.log.beh_name |
keyword |
|
watchguard_firebox.log.blocked_site_limit |
长整型 |
|
watchguard_firebox.log.bootup_time |
日期 |
|
watchguard_firebox.log.bounce_ip |
ip |
|
watchguard_firebox.log.bytes |
长整型 |
|
watchguard_firebox.log.bytes_in |
长整型 |
|
watchguard_firebox.log.bytes_out |
长整型 |
|
watchguard_firebox.log.call_from |
ip |
|
watchguard_firebox.log.call_to |
ip |
|
watchguard_firebox.log.category_name |
keyword |
|
watchguard_firebox.log.cats |
keyword |
|
watchguard_firebox.log.certificate_id |
keyword |
|
watchguard_firebox.log.certificate_issuer |
keyword |
|
watchguard_firebox.log.certificate_subject |
keyword |
|
watchguard_firebox.log.certificate_type |
keyword |
|
watchguard_firebox.log.client_name |
keyword |
|
watchguard_firebox.log.client_ssl |
keyword |
|
watchguard_firebox.log.cluster_id |
keyword |
|
watchguard_firebox.log.cluster_role |
keyword |
|
watchguard_firebox.log.cn |
keyword |
|
watchguard_firebox.log.codec |
keyword |
|
watchguard_firebox.log.command |
keyword |
|
watchguard_firebox.log.content |
keyword |
|
watchguard_firebox.log.content_inspection |
keyword |
|
watchguard_firebox.log.content_source |
keyword |
|
watchguard_firebox.log.content_type |
keyword |
|
watchguard_firebox.log.ctl_dst_ip |
ip |
|
watchguard_firebox.log.ctl_dst_port |
长整型 |
|
watchguard_firebox.log.ctl_src_ip |
ip |
|
watchguard_firebox.log.ctl_src_port |
长整型 |
|
watchguard_firebox.log.current_ca_certificate_version |
keyword |
|
watchguard_firebox.log.current_connection |
长整型 |
|
watchguard_firebox.log.current_session |
长整型 |
|
watchguard_firebox.log.data |
keyword |
|
watchguard_firebox.log.destination_device |
keyword |
|
watchguard_firebox.log.destination_ip |
ip |
|
watchguard_firebox.log.destination_ip_geo.city_name |
keyword |
|
watchguard_firebox.log.destination_ip_geo.continent_name |
keyword |
|
watchguard_firebox.log.destination_ip_geo.country_iso_code |
keyword |
|
watchguard_firebox.log.destination_ip_geo.country_name |
keyword |
|
watchguard_firebox.log.destination_ip_geo.location |
geo_point |
|
watchguard_firebox.log.destination_ip_geo.region_iso_code |
keyword |
|
watchguard_firebox.log.destination_ip_geo.region_name |
keyword |
|
watchguard_firebox.log.destination_name |
keyword |
|
watchguard_firebox.log.destination_port |
长整型 |
|
watchguard_firebox.log.destination_user |
keyword |
|
watchguard_firebox.log.destination_user_domain |
keyword |
|
watchguard_firebox.log.details |
keyword |
|
watchguard_firebox.log.dev_name |
keyword |
|
watchguard_firebox.log.device |
keyword |
|
watchguard_firebox.log.device_id |
keyword |
|
watchguard_firebox.log.disposition |
keyword |
|
watchguard_firebox.log.dlp_rule |
keyword |
|
watchguard_firebox.log.dlp_sensor |
keyword |
|
watchguard_firebox.log.dns_ip_address |
ip |
|
watchguard_firebox.log.dns_question |
keyword |
|
watchguard_firebox.log.domain |
keyword |
|
watchguard_firebox.log.duration |
长整型 |
|
watchguard_firebox.log.elapsed_time |
keyword |
|
watchguard_firebox.log.email_length |
长整型 |
|
watchguard_firebox.log.encoding |
keyword |
|
watchguard_firebox.log.encoding_type |
keyword |
|
watchguard_firebox.log.error |
keyword |
|
watchguard_firebox.log.exception_rule |
keyword |
|
watchguard_firebox.log.exchange_role |
keyword |
|
watchguard_firebox.log.exchange_type |
keyword |
|
watchguard_firebox.log.expected |
keyword |
|
watchguard_firebox.log.expected_interface |
keyword |
|
watchguard_firebox.log.expected_ip |
ip |
|
watchguard_firebox.log.expected_protocol |
keyword |
|
watchguard_firebox.log.expected_value |
长整型 |
|
watchguard_firebox.log.failure_count |
长整型 |
|
watchguard_firebox.log.feature_expiration_date |
日期 |
|
watchguard_firebox.log.feature_key |
keyword |
|
watchguard_firebox.log.feature_name |
keyword |
|
watchguard_firebox.log.file_name |
keyword |
|
watchguard_firebox.log.flags |
keyword |
|
watchguard_firebox.log.from |
keyword |
|
watchguard_firebox.log.from_header |
keyword |
|
watchguard_firebox.log.gateway |
keyword |
|
watchguard_firebox.log.gateway_endpoint |
keyword |
|
watchguard_firebox.log.geo_destination |
keyword |
|
watchguard_firebox.log.group_name |
keyword |
|
watchguard_firebox.log.header |
keyword |
|
watchguard_firebox.log.headers_size |
长整型 |
|
watchguard_firebox.log.host_dest_domain |
keyword |
|
watchguard_firebox.log.host_dest_ip |
ip |
|
watchguard_firebox.log.hostname |
keyword |
|
watchguard_firebox.log.http_status |
长整型 |
|
watchguard_firebox.log.http_version |
keyword |
|
watchguard_firebox.log.ikev2_ikesa_state |
keyword |
|
watchguard_firebox.log.image_source |
keyword |
|
watchguard_firebox.log.in_interface_name |
keyword |
|
watchguard_firebox.log.in_spi |
keyword |
|
watchguard_firebox.log.info_msg |
keyword |
|
watchguard_firebox.log.inspect_action |
keyword |
|
watchguard_firebox.log.interface_id |
keyword |
|
watchguard_firebox.log.interface_name |
keyword |
|
watchguard_firebox.log.ip_address |
ip |
|
watchguard_firebox.log.ip_packet_length |
长整型 |
|
watchguard_firebox.log.iph_length |
长整型 |
|
watchguard_firebox.log.keyword |
keyword |
|
watchguard_firebox.log.length |
长整型 |
|
watchguard_firebox.log.limit |
长整型 |
|
watchguard_firebox.log.line |
keyword |
|
watchguard_firebox.log.line_length |
长整型 |
|
watchguard_firebox.log.link |
keyword |
|
watchguard_firebox.log.link_state |
keyword |
|
watchguard_firebox.log.local |
keyword |
|
watchguard_firebox.log.local_address |
ip |
|
watchguard_firebox.log.local_address_port |
长整型 |
|
watchguard_firebox.log.local_mask_ip |
keyword |
|
watchguard_firebox.log.lockout_type |
keyword |
|
watchguard_firebox.log.log_type |
keyword |
|
watchguard_firebox.log.logical |
keyword |
|
watchguard_firebox.log.mac |
keyword |
|
watchguard_firebox.log.mac_address |
keyword |
|
watchguard_firebox.log.mask |
ip |
|
watchguard_firebox.log.master_id |
keyword |
|
watchguard_firebox.log.max_user_connection |
长整型 |
|
watchguard_firebox.log.mbx |
keyword |
|
watchguard_firebox.log.md5 |
keyword |
|
watchguard_firebox.log.member_id |
keyword |
|
watchguard_firebox.log.member_info |
keyword |
|
watchguard_firebox.log.message |
keyword |
|
watchguard_firebox.log.method |
keyword |
|
watchguard_firebox.log.msg |
keyword |
|
watchguard_firebox.log.msg_id |
keyword |
|
watchguard_firebox.log.msg_info |
keyword |
|
watchguard_firebox.log.negotiation_ip |
ip |
|
watchguard_firebox.log.negotiation_mode |
keyword |
|
watchguard_firebox.log.negotiation_role |
keyword |
|
watchguard_firebox.log.new_action |
keyword |
|
watchguard_firebox.log.new_ca_certificate_version |
keyword |
|
watchguard_firebox.log.new_interface |
keyword |
|
watchguard_firebox.log.new_ip |
ip |
|
watchguard_firebox.log.new_ipv6 |
keyword |
|
watchguard_firebox.log.new_mask |
长整型 |
|
watchguard_firebox.log.new_policy_position |
长整型 |
|
watchguard_firebox.log.new_system_time |
keyword |
|
watchguard_firebox.log.next_update_time |
日期 |
|
watchguard_firebox.log.notification_gap_duration |
长整型 |
|
watchguard_firebox.log.notify_msg |
keyword |
|
watchguard_firebox.log.num |
长整型 |
|
watchguard_firebox.log.number_of_recipients |
长整型 |
|
watchguard_firebox.log.object |
keyword |
|
watchguard_firebox.log.offset |
长整型 |
|
watchguard_firebox.log.old_policy_position |
长整型 |
|
watchguard_firebox.log.op |
keyword |
|
watchguard_firebox.log.operation |
keyword |
|
watchguard_firebox.log.out_interface_name |
keyword |
|
watchguard_firebox.log.out_spi |
keyword |
|
watchguard_firebox.log.p1_sa_id |
keyword |
|
watchguard_firebox.log.package_release_time |
日期 |
|
watchguard_firebox.log.packets_count |
长整型 |
|
watchguard_firebox.log.packets_in |
长整型 |
|
watchguard_firebox.log.packets_out |
长整型 |
|
watchguard_firebox.log.pad_error |
keyword |
|
watchguard_firebox.log.path |
keyword |
|
watchguard_firebox.log.pcy_name |
keyword |
|
watchguard_firebox.log.peer_address |
ip |
|
watchguard_firebox.log.peer_address_port |
长整型 |
|
watchguard_firebox.log.physical_name |
keyword |
|
watchguard_firebox.log.policy_name |
keyword |
|
watchguard_firebox.log.pool_name |
keyword |
|
watchguard_firebox.log.port |
长整型 |
|
watchguard_firebox.log.previous_interface |
keyword |
|
watchguard_firebox.log.previous_ip |
ip |
|
watchguard_firebox.log.previous_ipv6 |
keyword |
|
watchguard_firebox.log.previous_mask |
长整型 |
|
watchguard_firebox.log.previous_system_time |
keyword |
|
watchguard_firebox.log.probe_method |
keyword |
|
watchguard_firebox.log.property_name |
keyword |
|
watchguard_firebox.log.protocol |
keyword |
|
watchguard_firebox.log.protocol_flags |
keyword |
|
watchguard_firebox.log.proxy_act |
keyword |
|
watchguard_firebox.log.proxy_host |
keyword |
|
watchguard_firebox.log.proxy_type |
keyword |
|
watchguard_firebox.log.query_class |
keyword |
|
watchguard_firebox.log.query_opcode |
keyword |
|
watchguard_firebox.log.query_type |
keyword |
|
watchguard_firebox.log.quota_info |
keyword |
|
watchguard_firebox.log.real_ip_address |
ip |
|
watchguard_firebox.log.reason |
keyword |
|
watchguard_firebox.log.reboot_hour |
长整型 |
|
watchguard_firebox.log.reboot_option |
keyword |
|
watchguard_firebox.log.reboot_second |
长整型 |
|
watchguard_firebox.log.reboot_status |
keyword |
|
watchguard_firebox.log.received |
keyword |
|
watchguard_firebox.log.received_dh_group |
长整型 |
|
watchguard_firebox.log.received_interface |
keyword |
|
watchguard_firebox.log.received_interface_index |
keyword |
|
watchguard_firebox.log.received_ip |
ip |
|
watchguard_firebox.log.received_message_id |
keyword |
|
watchguard_firebox.log.received_proto |
keyword |
|
watchguard_firebox.log.received_value |
长整型 |
|
watchguard_firebox.log.recipients |
keyword |
|
watchguard_firebox.log.record_type |
keyword |
|
watchguard_firebox.log.redirect_action |
keyword |
|
watchguard_firebox.log.remote |
keyword |
|
watchguard_firebox.log.remote_mask_ip |
keyword |
|
watchguard_firebox.log.reply |
keyword |
|
watchguard_firebox.log.reply_ip |
ip |
|
watchguard_firebox.log.reply_protocol |
keyword |
|
watchguard_firebox.log.reply_time |
日期 |
|
watchguard_firebox.log.reputation |
长整型 |
|
watchguard_firebox.log.req_or_resp |
keyword |
|
watchguard_firebox.log.response |
keyword |
|
watchguard_firebox.log.response_code |
长整型 |
|
watchguard_firebox.log.response_size |
长整型 |
|
watchguard_firebox.log.restore_type |
keyword |
|
watchguard_firebox.log.result |
keyword |
|
watchguard_firebox.log.retry_count |
长整型 |
|
watchguard_firebox.log.return_code |
长整型 |
|
watchguard_firebox.log.role |
keyword |
|
watchguard_firebox.log.route_type |
keyword |
|
watchguard_firebox.log.rule_name |
keyword |
|
watchguard_firebox.log.ruleset_name |
keyword |
|
watchguard_firebox.log.sa_id |
keyword |
|
watchguard_firebox.log.scan_stage |
keyword |
|
watchguard_firebox.log.scan_type |
keyword |
|
watchguard_firebox.log.scheme |
keyword |
|
watchguard_firebox.log.selected_dh_group |
长整型 |
|
watchguard_firebox.log.sender |
keyword |
|
watchguard_firebox.log.sequence_number |
长整型 |
|
watchguard_firebox.log.serial_number |
keyword |
|
watchguard_firebox.log.server_ip |
ip |
|
watchguard_firebox.log.server_name |
keyword |
|
watchguard_firebox.log.server_ssl |
keyword |
|
watchguard_firebox.log.service |
keyword |
|
watchguard_firebox.log.session_id |
keyword |
|
watchguard_firebox.log.severity |
长整型 |
|
watchguard_firebox.log.signature_category |
keyword |
|
watchguard_firebox.log.signature_id |
keyword |
|
watchguard_firebox.log.signature_name |
keyword |
|
watchguard_firebox.log.signature_version |
keyword |
|
watchguard_firebox.log.size |
长整型 |
|
watchguard_firebox.log.sni |
keyword |
|
watchguard_firebox.log.software_version |
keyword |
|
watchguard_firebox.log.source_ip |
ip |
|
watchguard_firebox.log.source_ip_geo.city_name |
keyword |
|
watchguard_firebox.log.source_ip_geo.continent_name |
keyword |
|
watchguard_firebox.log.source_ip_geo.country_iso_code |
keyword |
|
watchguard_firebox.log.source_ip_geo.country_name |
keyword |
|
watchguard_firebox.log.source_ip_geo.location |
geo_point |
|
watchguard_firebox.log.source_ip_geo.region_iso_code |
keyword |
|
watchguard_firebox.log.source_ip_geo.region_name |
keyword |
|
watchguard_firebox.log.source_port |
长整型 |
|
watchguard_firebox.log.source_user |
keyword |
|
watchguard_firebox.log.source_user_domain |
keyword |
|
watchguard_firebox.log.spi |
keyword |
|
watchguard_firebox.log.srv_ip |
ip |
|
watchguard_firebox.log.srv_port |
长整型 |
|
watchguard_firebox.log.ssl_offload |
keyword |
|
watchguard_firebox.log.state |
keyword |
|
watchguard_firebox.log.static_ip |
ip |
|
watchguard_firebox.log.status |
keyword |
|
watchguard_firebox.log.subsystem |
keyword |
|
watchguard_firebox.log.syslog_timestamp |
日期 |
|
watchguard_firebox.log.tag |
keyword |
|
watchguard_firebox.log.target |
keyword |
|
watchguard_firebox.log.task_uuid |
keyword |
|
watchguard_firebox.log.threat_level |
keyword |
|
watchguard_firebox.log.timeout |
长整型 |
|
watchguard_firebox.log.timestamp |
日期 |
|
watchguard_firebox.log.tls_profile |
keyword |
|
watchguard_firebox.log.tls_version |
keyword |
|
watchguard_firebox.log.to |
keyword |
|
watchguard_firebox.log.to_header |
keyword |
|
watchguard_firebox.log.tr_local |
keyword |
|
watchguard_firebox.log.tr_remote |
keyword |
|
watchguard_firebox.log.transport |
keyword |
|
watchguard_firebox.log.ttl |
长整型 |
|
watchguard_firebox.log.tunnel_name |
keyword |
|
watchguard_firebox.log.tunnel_type |
keyword |
|
watchguard_firebox.log.ui_type |
keyword |
|
watchguard_firebox.log.unit |
keyword |
|
watchguard_firebox.log.unlocked_by |
keyword |
|
watchguard_firebox.log.update |
keyword |
|
watchguard_firebox.log.updated_role |
keyword |
|
watchguard_firebox.log.user_auth_protocol |
keyword |
|
watchguard_firebox.log.user_domain |
keyword |
|
watchguard_firebox.log.user_name |
keyword |
|
watchguard_firebox.log.user_response_time |
日期 |
|
watchguard_firebox.log.user_type |
keyword |
|
watchguard_firebox.log.version |
keyword |
|
watchguard_firebox.log.version_number |
keyword |
|
watchguard_firebox.log.virtual_ip_address |
ip |
|
watchguard_firebox.log.virus |
keyword |
|
watchguard_firebox.log.vlan_id |
keyword |
|
watchguard_firebox.log.vpn_connection_type |
keyword |
|
watchguard_firebox.log.vpn_user_type |
keyword |
|
watchguard_firebox.log.wgrd_spam_id |
keyword |
|
watchguard_firebox.log.window_size |
长整型 |