WSM Reference Guide - WatchGuard Technologies
WSM Reference Guide - WatchGuard Technologies
WSM Reference Guide - WatchGuard Technologies
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Traffic Logs<br />
dst_ip="66.35.250.151" pr="tcp/http" src_port="4345" dst_port="80"<br />
src_intf="1-Trusted" dst_intf="0-External" src_ip_nat="250.168.43.6"<br />
src_port_nat="13419" rc="523" msg="Conn End" proxy_act="HTTP-Client.2"<br />
log_type="tr"/><br />
Each proxy has its own set of messages. The tables here show the log messages each proxy can write to<br />
the log file, and the secondary fields for each log message.<br />
SMTP Proxy Traffic Log Messages<br />
Text in Message Field<br />
Associated Fields<br />
SMTP GREETING<br />
hostname<br />
rule_name<br />
SMTP AUTH<br />
authtype<br />
rule_name<br />
SMTP HEADER<br />
header<br />
SMTP FROM ADDRESS<br />
address<br />
length<br />
response<br />
new_address<br />
header<br />
SMTP TO ADDRESS<br />
address<br />
new_address<br />
length<br />
response<br />
SMTP CONTENT TYPE<br />
content_type<br />
rule_name<br />
sender<br />
recipient<br />
SMTP Command<br />
keyword<br />
response<br />
SMTP FILENAME<br />
file_name<br />
rule_name<br />
sender<br />
recipients<br />
SMTP TIMEOUT<br />
timeout<br />
SMTP AV VIRUS<br />
virus<br />
filename<br />
content_type<br />
sender<br />
recipient<br />
SMTP AV TOO BIG<br />
filename<br />
type<br />
Message Meaning<br />
Value that appears in associated field(s)<br />
There is an invalid message in HELO state<br />
hostname sent in SMTP greeting<br />
name of rule matched in ruleset<br />
The AUTH type used matces a configured proxy rule<br />
AUTH type used<br />
name of rule matched in ruleset<br />
The SMTP header matches a configured proxy rule.<br />
header name<br />
The sender e-mail address matches a configured proxy rule<br />
the sender e-mail address (from envelope)<br />
length in bytes of address<br />
response code returned to client<br />
new address, if address rewrite used<br />
if header rewrite feature is used<br />
The recipient e-mail address matches a configured proxy rule<br />
recipient e-mail address (from envelope)<br />
new address, if address rewrite used<br />
length in bytes of address<br />
response code returned to client<br />
The content type matches a configured proxy rule<br />
the content type found by the SMTP proxy<br />
name of rule matched in ruleset<br />
sender e-mail address (from envelope)<br />
recipient e-mail addresses (from envelope)<br />
The full SMTP command as received from the SMTP client<br />
values include EXPN, HELP, NOOP, etc.<br />
response code returned to client<br />
The filename matches a configured proxy rule<br />
the file name<br />
name of rule matched in ruleset<br />
sender e-mail address (from envelope)<br />
recipient e-mail addresses (from envelope)<br />
The connection idle timeout was reached<br />
number of seconds configured to time-out<br />
The SMTP proxy found a virus<br />
the name of the virus found<br />
the filename<br />
the content type of the virus found<br />
sender e-mail address (from envelope)<br />
recipient e-mail addresses (from envelope)<br />
An attachment was too big to scan<br />
the filename<br />
the content type of the attachment<br />
<strong>Reference</strong> <strong>Guide</strong> 31