Fields specific to the “l_plugin” log

Number of bytes sent.

Decimal format. Example: "14623"

Available from: SNS v1.0.0.

Sent

Example: “13 KB”.

Number of bytes received.

Decimal format. Example: "23631"

Available from: SNS v1.0.0.

Received

Example: “23 KB”

Duration of the connection in seconds.

Decimal format. Example: "173.15"

Duration

Example: "2m 53s 15"

Behavior associated with the filter rule.

Value: "pass ".

Action

Authentication method used or LDAP directory of the user authenticated by the firewall.

String of characters in UTF-8 format.

Example: domain="documentation.stormshield.eu"

Available from: SNS v3.0.0.

Number of the error class in an S7 response.

Digital format.

Available from: SNS v2.3.0.

Error code in the error class specified in the S7 response.

Available from: SNS v2.3.0.

Type of message for IEC104

Available from: SNS v3.1.0.

Code of the "userdata" group for an S7 message.

Available from: SNS v2.3.4.

Value of the "Unit Id" in a Modbus message.

Example: "255"

Available from: SNS v2.3.0.

Last client application detected on the connection.

Character string.

Example: clientappid=firefox

Available from: SNS v3.2.0.

Last server application detected on the connection.

Character string.

Example: serverappid=google

Available from: SNS v3.2.0.

Value of the "Service Code" field in the CIP message.

String of characters in UTF-8 format.

Example: cipservicecode=Get_Attribute_List

Available from: SNS v3.5.0.

Value of the "Class ID" field in the CIP message.

String of characters in UTF-8 format.

Example: cipclassid=Connection_Manager_Object

Available from: SNS v3.5.0.

Value of the "Version number" field for the NTP protocol.

Digital format.

Example: version=4.

Available from: SNS v3.8.0.

Value of the "Mode" field for an NTP request.

String of characters in UTF-8 format.

Example: requestmode=client.

Available from: SNS v3.8.0.