This topic describes the fields of the log entries for Internet traffic.
Log field | Description |
__topic__ | The topic of a log entry. Valid value: cloudfirewall_access_log. |
log_type | The type of a log entry. Valid value: internet_log. This value indicates a log entry for Internet traffic. |
aliuid | The ID of an Alibaba Cloud account. |
app_name | The name of the protocol over which an application is accessed. The value can be HTTPS, NTP, SIP, SMB, NFS, or DNS. If the protocol is unknown, the value Unknown is displayed. |
direction | The direction of Internet traffic. Valid values:
|
domain | The domain name of a destination server. |
dst_ip | The IP address of a destination server. |
dst_port | The destination port. |
end_time | The time when a session ends. The value is a UNIX timestamp. Unit: seconds. |
in_bps | The rate of inbound traffic. Unit: bit/s. |
in_packet_bytes | The total size of inbound packets. Unit: bytes. |
in_packet_count | The total number of inbound packets. |
in_pps | The rate of inbound packets. Unit: packet/s. |
ip_protocol | The type of an IP protocol. Valid values: TCP and UDP. |
out_bps | The rate of outbound traffic. Unit: bit/s. |
out_packet_bytes | The total size of outbound packets. Unit: bytes. |
out_packet_count | The total number of outbound packets. |
out_pps | The rate of outbound packets. Unit: packet/s. |
region_id | The region from which access traffic is originated, for example, cn-beijing. |
rule_result | The result of how an access policy processes Internet traffic. Valid values:
|
src_ip | The IP address of a source server. |
src_port | The source port. A host sends traffic data from this port. |
start_time | The time when a session starts. The value is a UNIX timestamp. Unit: seconds. |
start_time_min | The time when a session starts. The value is a UNIX timestamp. The value is rounded up to the next minute. Unit: seconds. |
tcp_seq | The sequence number of a TCP segment. |
total_bps | The total rate of inbound and outbound packets. Unit: bit/s. |
total_packet_bytes | The total size of inbound and outbound packets. Unit: bytes. |
total_packet_count | The total number of packets. |
total_pps | The total rate of inbound and outbound packets. Unit: packet/s. |
src_private_ip | The private IP address of a source server. |
vul_level | The risk level of a vulnerability. Valid values:
|
url | The URL of a resource that is accessed. |
acl_rule_id | The ID of an access control list (ACL) policy that is matched. |
ips_rule_id | The ID of an intrusion prevention system (IPS) policy that is matched. |
ips_ai_rule_id | The ID of an intelligent policy that is matched. |
ips_rule_name | The Chinese name of an IPS policy that is matched. |
ips_rule_name_en | The English name of an IPS policy that is matched. |
attack_type_name | The Chinese name of an attack type. |
attack_type_name_en | The English name of an attack type. |