What data fields in the CheckPoint Firewall-1 logs map to what parameters in Security Manager? (NETIQKB14492)

  • 7714492
  • 02-Feb-2007
  • 10-Sep-2007

Resolution

goal
What data fields in the CheckPoint Firewall-1 logs map to what parameters in Security Manager?

fact
Security Manager 3.X

fact
Security Manager 4.X

fact
Security Manager 5.X

fix

SM Event        Firewall Event

Param Number    Data Field Name      Description of the Field

1.              Origin               Name of the host enforcing the rule that caused the logged event.
2.              Interface            Hardware interface at which the logged event occurred.
3.              Type                 control / log / alert
4.              Action               Action that caused the event to be logged.
5.              Source               The source IP of the communication.
6.              S_Port               The source port.
7.              Destination          The destination IP of the communication.
8.              Service              The service (destination port) requested by this communication.
9.              Protocol             The communication protocol used.
10.             Rule                 The number of the rule in the rule base that was applied to this packet.
11.             Direction            Direction of connection (inbound or outbound).
12.             User                 The user name.
13.             SrcKey ID            The KeyID of the source of an encrypted communication.
14.             DstKey ID            The KeyID of the destination of an encrypted communication.
15.             Elapsed              The duration of the connection.
16.             Bytes                The number of bytes transferred.
17.             Xlate Source         Translated source IP of the communication.
18.             Xlate Sport          Translated source port.
19.             Xlate Destination    Translated destination of the communication.
20.             Xlate Dport          Translated destination port.
21.             Information          Additional information not included in other fields.


Additional Information

Formerly known as NETIQKB14492