MONITOR CONNECTION

Level

log_read

History

Format Appears in 9 0 0
host, srcifname, dstifname, slotlevel, ruleid, rtidname and qidname appear in 9 1 0
srcmac, natslotlevel, natruleid and username appear in 1 0 0
maxcount, bytes, lastuse, dstport and state appears in 3 0 0
ifname appears in 3 5 0
geo, iprep appears in 3 8 0

Description

List connection information with at least one filter

Usage

[host=<host_address_or_name>] [ifname=<interface>] [srcifname=<interface>] [dstifname=<interface>] [slotlevel=<slot> ruleid=<rule>] [rulename=<rulename>] [state=<all,recovery,skel,open,c_syn,s_syn,data,close,closed,hopen,reset>] [natslotlevel=<slot> natruleid=<rule>] [rtidname=<router_name>] [qidname=<qidname>] [srcmac=<macaddr>] [username=<user>] [dstport=<integer port|string port name>] [plugin=<plugin_name>] [bytes=<integer_with_metric>] [lastuse=<integer>] [maxcount=<integer>] [confid=<integer>] [geo=<geo>] [iprep=any|none|<string>]

Returns

time : connection creation time
id : unique identifier
parentid : parent unique identifier for protocol like ftp or 0 if not used
proto : protocol (tcp, udp, http, )
src : source IP address
srcname : client object name, or miniDNS client name for source IP address
srcmac : source ETHERNET address
srcport : source port
srcportname : source port object name
dst : destination IP address
dstname : destination object name, or miniDNS server name for destination IP address
dstport : destination port
dstportname : destination port object name
srcif : packets source interface
dstif : packets destination interface
sent : bytes sent
rcvd : bytes received
duration : duration in seconds
lastuse : time in seconds since last use
rtid : router ID
rtidname : router ID name
slotlevel : slot level
ruleid : rule ID
confid : configuration ID
natslotlevel : nat slot level
natruleid : nat rule ID
state : state of TCP connection
qidname : Qos ID name
username : username for the connexion
: protocol dependent field

Format

section_line