What data fields in the CheckPoint Firewall-1 logs map to what parameters in Security Manager? (NETIQKB14492)

  • 7714492
  • 02-Feb-2007
  • 10-Sep-2007


What data fields in the CheckPoint Firewall-1 logs map to what parameters in Security Manager?

Security Manager 3.X

Security Manager 4.X

Security Manager 5.X


      SM Event                Firewall Event


 Param Number         Data Field Name          Description of the Field                                                                    


1.                             Origin                       Name of the host enforcing the rule that caused the logged event.

2.                             Interface                 Hardware interface at which the logged event occurred

3.                             Type                        control / log / alert

4.                        .
Action                      Action that caused the event to be logged.

5.                             Source                     The source IP of the communication.

6.                             S_Port                     The source port.

7.                             Destination              The destination IP of the communication.

8.                             Service                    The service (destination port) requested by this communication.

9.                             Protocol                   The communication protocol used.

10.                           Rule    &n.
The number of the rule in the rule base that was applied to this packet.

11.                           Direction  Direction of connection (inbound or outbound)

12.                           User                         The user name

13.                           SrcKey ID                The KeyID of the source of an encrypted communication.

14.                           DstKey ID                The KeyID of the destination of an encrypted communication.

15.                           Elapsed                    The duration of the connection.

16.                    &n.
Bytes                       The number of bytes transferred.

17.                           Xlate Source            Translated source IP of the communication.

18.                           Xlate Sport              Translated source port.

19.                           Xlate Destination Translated destination of the communication.

20.                           Xlate Dport               Translated destination port.

21.                           Information             Additional information not included in other fields.


Additional Information

Formerly known as NETIQKB14492