Fields specific to the "l_monitor" log

Some of the fields described below are shown in the Monitoring > Monitoring module, in the views: System, Interfaces and QoS.

security	Indicator of the Firewall’s security status. This value is used by the fleet management tool (Stormshield Network Unified Manager) to provide information on the security status (minor, major alarms, etc). Decimal format representing a percentage.
system	Indicator of the Firewall’s system status. This value is used by the fleet management tool (Stormshield Network Unified Manager) to provide information on the system status (available RAM, CPU use, bandwidth, interfaces, fullness of audit logs, etc). Decimal format representing a percentage.
CPU	Firewall’s CPU consumption: Time allocated to the management of user processes, Time consumed by the kernel, Time allocated to system disruptions. Format: 3 numeric values separated by commas. Example: CPU=1,0,2
CPU	System monitoring / CPU load
Pvm	All indicators regarding vulnerability management: Total number of vulnerabilities detected, number of vulnerabilities that can be exploited remotely, number of vulnerabilities requiring the installation of a server on the vulnerable host in order to be exploited, number of vulnerabilities classified as critical, number of vulnerabilities classified as minor, number of vulnerabilities classified as major, number of vulnerabilities that have a bug fix, total amount of information (all levels), number of minor data, number of major data, number of hosts for which PVM has gathered information, Format: 11 numeric values separated by commas. Example: “0,0,0,0,0,0,0,2,0,0,2”
EthernetXX	Indicators of bandwidth used for each of the active network interfaces: name of the interface. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: "in,61515,128648,788241,1890520,2130,21"
EthernetXX	Interface monitoring / Bandwidth use
VlanXX	Indicators of bandwidth used for each of the VLANs defined: name of the VLAN. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: "Vlan_Servers,61515,128648,788241,1890520"
VlanXX	Interface monitoring / Bandwidth use
QidXX	Indicators of bandwidth used for each QoS queue: name of the queue. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: “http,5467,20128,1988,11704”
QidXX	QoS monitoring / Bandwidth use
WifiXX	Concerns only firewalls equipped with Wi-Fi antennas (W models). Indicators of bandwidth used for each active Wi-Fi access points: name of the access point. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: "Public_WiFi,61515,128648,788241,1890520,2130,21"
wldev0	Concerns only firewalls equipped with Wi-Fi antennas (W models). Indicators of bandwidth used for each physical interface that supports the firewall's Wi-Fi access points: name of the interface. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: "Physic_WiFi,61515,128648,788241,1890520,2130,21"
sslvpnX	Indicators of bandwidth used by SSL VPN traffic. : name of the interface. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, sslvpn0 represents TCP-based SSL VPN traffic. sslvpn1 represents UDP-based SSL VPN traffic. Format: 7 values separated by commas. Example: "sslvpn_udp,61515,128648,788241,1890520,2130,21"
ipsecXX	Indicators of bandwidth used by IPSec interfaces: name of the interface. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, ipsec represents traffic associated with the native IPSec interface (non virtual). ipsec1, ipsec2, etc. represent traffic associated with the virtual IPSec interfaces defined on the firewall. Format: 7 values separated by commas. Example: "Primary_VTI,61515,128648,788241,1890520,2130,21"
aggXX	Indicators of bandwidth used by interface aggregates: name of the interface. String of characters in UTF-8 format. incoming throughput (bits/second), maximum incoming throughput for a given period (bits/second), outgoing throughput (bits/second), maximum outgoing throughput for a given period (bits/second), number of packets accepted, number of packets blocked, Format: 7 values separated by commas. Example: "Production_LACP,61515,128648,788241,1890520,2130,21"