Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - REV1 Manual page 144

138 USING THE EVENT VIEWER
Table 6-4 Event Details (continued)

| Parameter | Description |
|---|---|
| Pre NAT Source Port | For a firewall or another device capable of NAT, this parameter indicates the source port before the NAT values were applied. |
| Pre NAT Destination IP | For a firewall or another device capable of NAT, this parameter indicates the destination IP address before the NAT values were applied. |
| Pre NAT Destination Port | For a firewall or another device capable of NAT, this parameter indicates the destination port before the NAT values were applied. |
| Post NAT Source IP | For a firewall or another device capable of NAT, this parameter indicates the source IP address after the NAT values were applied. |
| Post NAT Source Port | For a firewall or another device capable of NAT, this parameter indicates the source port after the NAT values were applied. |
| Post NAT Destination IP | For a firewall or another device capable of NAT, this parameter indicates the destination IP address after the NAT values were applied. |
| Post NAT Destination Port | For a firewall or another device capable of NAT, this parameter indicates the destination port after the NAT values were applied. |
| Protocol | Specifies the protocol associated with this event. |
| Username | Specifies the username associated with this event, if available. |
| QID | Specifies the STRM identifier for this event. Each event has a unique QID. For information on mapping a QID, see Event Mapping. |
| Device | Specifies the device that sent the event to STRM. |
| Event Count | Specifies the total number of bundled events that constitute this normalized event. Events are bundled when many of the same type of event for the same source and destination IP address are seen within a short period of time. |
| Start Time | Specifies the time of the first event, as reported to STRM by the device. |
| End Time | Specifies the end time of the last event, as reported to STRM by the device. |
| Device Time | Specifies the system time of the device. |
| Payload | Specifies payload content from the event. To view the payload in Hex, click Hex. To view the payload in UTF, click UTF. To view in Base64, click Base64. |
| Matched Custom Rules | Specifies custom rules that have matched to this event. For more information on rules, see the STRM Administration Guide. |
| Annotations | Specifies the annotation or notes for this event. |

STRM Users Guide
Modifying