>
    SCTP Syslog Default Field Order
    Focus
    Focus
    1. Home
    2. Strata Logging Service
    3. Network Logs
    4. SCTP
    5. SCTP Syslog Default Field Order
    Strata Logging Service

    SCTP Syslog Default Field Order

    Table of Contents

    SCTP Syslog Default Field Order

    Example SCTP log in Syslog: 
    Oct 13 01:09:49 gke-standard-cluster-2-pool-1-6ea9f13a-g2z7 695 <142>1 2020-10-13T01:09:49.516Z stream-logfwd20-156653024-10121421-eq28-harness-16kn logforwarder - panwlogs - 1,​2020-10-13T01:09:43.000000Z,​007051000113358,​SCTP,​,​,​2020-10-13T01:09:35.000000Z,​xxx.xx.x.xx,​xxx.xx.x.xx,​xxx.xx.x.xx,​xxx.xx.x.xx,​allow-business-apps,​,​"xxxxx\xxxxx o"xxxxxxxxxx"'"xxxxxxxxxx"test",​mcafee-endpoint-encryption,​vsys1,​untrust,​ethernet4Zone-test1,​,​,​rs-logging,​,​424904,​1,​21740,​17506,​25019,​4608,​2048,​tcp,​drop-packet,​0,​0,​0,​0,​,​PA-VM,​201003871,​-9223372036854775808,​1705351682,​12,​Medium,​255,​authentication failure,​8,​1565171669,​192004283,​0,​-1,​-1,​0,​0,​,​0,​0,​,​,​913,​19,​894,​2628,​1327,​1301,​f8800078-8fac-4abf-98a0-77c96ef3ca36,​1873cc5c-0d31,​pns_default,​pan-dp-77754f4,​,​,​,​,​2020-10-13T01:09:36.365000Z
    The following identifies the default field order for filters migrated from an earlier version of the log forwarding application. For log filters created after that migration, you specify the field order when you create a log filter by specifying the columns you want to receive.
    The fields are identified in the default order that they appear in each log line.
    HEADER, log_time, log_source_id, log_type.​value, sub_type.​value, config_version.​value, time_generated, source_ip.​value, dest_ip.​value, nat_source.​value, nat_dest.​value, rule_matched, source_user, dest_user, app, vsys, from_zone, to_zone, inbound_if.​value, outbound_if.​value, log_set, EMPTY, session_id, count_of_repeats, source_port, dest_port, nat_source_port, nat_dest_port, flags, protocol.​value, action.​value, dg_hier_level_1, dg_hier_level_2, dg_hier_level_3, dg_hier_level_4, vsys_name, log_source_name, sequence_no, action_flags, ep_assoc_id, payload_protocol_id, vendor_severity.​value, sctp_chunk_type, event_type.​value, event_code, verification_tag_1, verification_tag_2, sctp_cause_code, diam_app_id, diam_cmd_code, diam_avp_code, stream_id, association_end_reason.​value, map_op_code, sccp_calling_ssn, sccp_calling_gt, sctp_filter, chunks_total, chunks_sent, chunks_received, packets_total, packets_sent, packets_received, rule_matched_uuid, container_id, pod_namespace, pod_name, source_edl, dest_edl, source_dynamic_address_group, dest_dynamic_address_group, time_generated_high_res

    Recommended For You

    © 2024 Palo Alto Networks, Inc. All rights reserved.