Fields specific to the “l_plugin” log

The fields described below are shown in the firewall's web administration interface in the Application connections (plugin) module in the Audit logs > Logs menu and in the All logs, Network traffic, Web and E-mails views in the Audit logs > Views menu.

sent

Number of bytes sent.

Decimal format. Example: "14623"

Available from: SNS v1.0.0.

Sent

Example: “13 KB”.

rcvd

Number of bytes received.

Decimal format. Example: "23631"

Available from: SNS v1.0.0.

Received

Example: “23 KB

duration

Duration of the connection in seconds.

Decimal format. Example: "173.15"

Duration

Example: "2m 53s 15"

action

Behavior associated with the filter rule.

Value: "pass ".

Action

domain

Authentication method used or LDAP directory of the user authenticated by the firewall.

String of characters in UTF-8 format.

Example: domain="documentation.stormshield.eu"

Available from: SNS v3.0.0.

Method or directory
error_class

Number of the error class in an S7 response.

Digital format.

Available from: SNS v2.3.0.

error_code

Error code in the error class specified in the S7 response.

Available from: SNS v2.3.0.

format

Type of message for IEC104

Available from: SNS v3.1.0.

group

Code of the "userdata" group for an S7 message.

Available from: SNS v2.3.4.

unit_id

Value of the "Unit Id" in a Modbus message.

Example: "255"

Available from: SNS v2.3.0.

clientappid

Last client application detected on the connection.

Character string.

Example: clientappid=firefox

Available from: SNS v3.2.0.

Client application
serverappid

Last server application detected on the connection.

Character string.

Example: serverappid=google

Available from: SNS v3.2.0.

Server application
cipservicecode

Value of the "Service Code" field in the CIP message.

String of characters in UTF-8 format.

Example: cipservicecode=Get_Attribute_List

Available from: SNS v3.5.0.

cipclassid

Value of the "Class ID" field in the CIP message.

String of characters in UTF-8 format.

Example: cipclassid=Connection_Manager_Object

Available from: SNS v3.5.0.

version

Value of the "Version number" field for the NTP protocol.

Digital format.

Example: version=4.

Available from: SNS v3.8.0.

requestmode

Value of the "Mode" field for an NTP request.

String of characters in UTF-8 format.

Example: requestmode=client.

Available from: SNS v3.8.0.

responsemode

Value of the "Mode" field for an NTP response.

String of characters in UTF-8 format.

Example: responsemode=server.

Available from: SNS v3.8.0.