MONITOR CONNECTION

Level

log_read

History

Format Appears in 9.0.0
host, srcifname, dstifname, slotlevel, ruleid, rtidname and qidname appear in 9.1.0
srcmac, natslotlevel, natruleid and username appear in 1.0.0
maxcount, bytes, lastuse, dstport and state appears in 3.0.0
ifname appears in 3.5.0
geo, iprep appears in 3.8.0

Description

List connection information with at least one filter

Usage

[host=<host_address_or_name>] [ifname=<interface>] [srcifname=<interface>] [dstifname=<interface>] [slotlevel=<slot> ruleid=<rule>] [rulename=<rulename>] [state=<all,recovery,skel,open,c_syn,s_syn,data,close,closed,hopen,reset>] [natslotlevel=<slot> natruleid=<rule>] [rtidname=<router_name>] [qidname=<qidname>] [srcmac=<macaddr>] [username=<user>] [dstport=<integer port|string port name>] [plugin=<plugin_name>] [bytes=<integer_with_metric>] [lastuse=<integer>] [maxcount=<integer>] [confid=<integer>] [geo=<geo>] [iprep=any|none|<string>]

Returns

time : connection creation time
id : unique identifier
parentid : parent unique identifier for protocol like ftp or 0 if not used
proto : protocol (tcp, udp, http, ...)
src : source IP address
srcname : client object name, or miniDNS client name for source IP address
srcmac : source ETHERNET address
srcport : source port
srcportname : source port object name
dst : destination IP address
dstname : destination object name, or miniDNS server name for destination IP address
dstport : destination port
dstportname : destination port object name
srcif : packets source interface
dstif : packets destination interface
sent : bytes sent
rcvd : bytes received
duration : duration in seconds
lastuse : time in seconds since last use
rtid : router ID
rtidname : router ID name
slotlevel : slot level
ruleid : rule ID
confid : configuration ID
natslotlevel : nat slot level
natruleid : nat rule ID
state : state of TCP connection
qidname : Qos ID name
username : username for the connexion
... : protocol dependent field

Format

section_line