Field names of liblognorm

Last changes: 2011-01-14

This page shall hold a list of default field names for liblognorm. The list consists of the field name, syntax and description. How a field works in general and what the field syntax options are can be reviewed in the Rulebase section of the manual. The list is not yet complete. New field names will be added as soon as they are defined.

Field nameSyntaxDescription
src-ip%src-ip:ipv4%The field for the Source IP. This is commonly used in Firewall logs. It is the IP where a package is sent from.
dst-ip%dst-ip:ipv4%The field for the Destination IP. This is commonly used in Firewall logs. It is the IP where a package is sent to.
src-port%src-port:number%The source port.
dst-port%dst-port:number%The destination port.
date%date:date-rfc3164%Date in the Format of RFC3164