firewallFieldResponseSchema
firewallFieldResponseSchema
Response schema for Firewall logs
JSON Example
{
"metaData": {
"limit": "number",
"more": false,
"nextPageLink": "string",
"prevPageLink": "string"
},
"data": [
{
"_source": {
"@timestamp": "string",
"logType": "string",
"enterpriseLogicalId": "string",
"edgeName": "string",
"ruleId": "string",
"edgeLogicalId": "string",
"actionTaken": "string",
"sessionId": "number",
"segmentLogicalId": "string",
"inputInterface": "string",
"protocol": "number",
"sourceIp": "string",
"destinationIp": "string",
"sourcePort": "number",
"destinationPort": "number",
"destination": "string",
"domainName": "string",
"firewallPolicyName": "string",
"segmentName": "string",
"extensionHeader": "string",
"application": "string",
"sessionDurationSecs": "number",
"bytesSent": "number",
"bytesReceived": "number",
"closeReason": "string",
"signatureId": "number",
"verdict": "string",
"signature": "string",
"category": "string",
"ruleVersion": "number",
"attackSource": "string",
"attackTarget": "string",
"severity": "number",
"idsAlert": "number",
"ipsAlert": "number"
}
}
],
"count": "number"
}array of firewallSearchDocumentSchema
data
Required
Data which contains logs for the log search response
number As float As float
count
Optional
Total log count for the log search query