Code Monitor

Admin
Administrateur du site
Messages : 99
Enregistré le : Jeu 2 Avr 2015 21:39

Code Monitor

Messagepar Admin » Mer 15 Nov 2017 07:37

https://www.paloaltonetworks.com/docume ... gging.html

Session End Reason Description
threat

The firewall detected a threat associated with a reset, drop, or block (IP address) action that is defined in a security rule.
policy-deny

The session matched a security policy with a deny or drop action.
tcp-rst-from-client

The client sent a TCP reset to the server.
tcp-rst-from-server

The server sent a TCP reset to the client.
resources-unavailable

The session dropped because of a system resource limitation. For example, the session could have exceeded the number of out-of-order packets allowed per flow or the global out-of-order packet queue.
tcp-fin

One host or both hosts in the connection sent a TCP FIN message to close the session.
tcp-reuse

A session is reused and the firewall closes the previous session.
decoder

The decoder detects a new connection within the protocol (such as HTTP-Proxy) and ends the previous connection.
aged-out

The session aged out.
unknown

This value applies in the following situations:
For logs generated in a PAN-OS release that does not support the session end reason field (releases older than 6.1), the value will be unknown after an upgrade to the current PAN-OS release or after the logs are loaded onto the firewall.
In Panorama, logs received from firewalls for which the PAN-OS version does not support session end reasons will have a value of unknown.

Qui est en ligne

Utilisateurs parcourant ce forum : Aucun utilisateur enregistré et 1 invité