
Parsing a Firewall Log

Question asked by Renato Goncalves on Dec 27, 2017
Latest reply on Jan 18, 2018 by Renato Goncalves


I need to parse a firewall log, but every time I parse it NW doesn't give me any useful results.


This is the parser:


device="SFW" date=2017-01-01 time=13:36:34 timezone="WET" device_name="things" device_id=AA203100004445 log_id=010101600001 log_type="Firewall"
log_component="Firewall Rule" log_subtype="Allowed" status="Allow" priority=Information duration=300 fw_rule_id=02 policy_type=1 user_name=""
user_gp="utilizadores" iap=66 ips_policy_id=7 appfilter_policy_id=8 application="Secure Socket Layer Protocol"
application_risk=10 application_technology="Network Protocol" application_category="Infrastructure" in_interface="" out_interface="WAN" src_mac=00: 0:00: 0:00: 0
src_ip= src_country_code=A1 dst_ip= dst_country_code=USA protocol="TCP" src_port=12345 dst_port=123 sent_pkts=66  recv_pkts=66 sent_bytes=6666
recv_bytes=6666 tran_src_ip= tran_src_port=0 tran_dst_ip= tran_dst_port=0 srczonetype="LAN" srczone="LAN" dstzonetype="WAN" dstzone="WAN" dir_disp="" connevent="Stop" connid="2183694848" vconnid="" hb_health="No Heartbeat"


I'm using NW LPT1.0
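
An added example, not part of the original post and not NetWitness parser code: a Python tokenizer for the key=value layout of the log line above, covering quoted values that contain spaces and empty values such as `src_ip=`. The function names, the choice of integer fields and the shortened sample line are constructed for illustration.

```python
import re

# One key=value pair. The value is either a double-quoted string (may contain
# spaces, may be empty) or a run of non-space characters (may also be empty,
# as in `src_ip= src_country_code=A1`).
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S*))')

# Constructed sample, shortened from the log line in the post above.
SAMPLE = ('device="SFW" date=2017-01-01 time=13:36:34 log_type="Firewall" '
          'log_component="Firewall Rule" status="Allow" user_name="" '
          'application="Secure Socket Layer Protocol" out_interface="WAN" '
          'src_ip= src_country_code=A1 dst_ip= dst_country_code=USA '
          'protocol="TCP" src_port=12345 dst_port=123 sent_bytes=6666')

# Assumption: fields treated as integers in this example.
INT_FIELDS = {"src_port", "dst_port", "sent_bytes", "recv_bytes"}


def parse_kv(line):
    """Return a dict of field -> value; empty values become None."""
    fields = {}
    for m in PAIR.finditer(line):
        key = m.group(1)
        # group(2) is set for quoted values, group(3) for unquoted ones.
        value = m.group(2) if m.group(2) is not None else m.group(3)
        if value == "":
            fields[key] = None
        elif key in INT_FIELDS and value.isdigit():
            fields[key] = int(value)
        else:
            fields[key] = value
    return fields


def empty_fields(fields):
    """List the keys that were present in the line but carried no value."""
    return [k for k, v in fields.items() if v is None]


if __name__ == "__main__":
    parsed = parse_kv(SAMPLE)
    for key, value in parsed.items():
        print(f"{key:20} {value!r}")
    print("empty:", empty_fields(parsed))
```

An unquoted value that contains spaces is cut at the first space by this pattern, so such fields need their own handling.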