fw logging¶
Bind a logging template to firewall
logging Specification¶
Parameter Value Type Configuration Resource Element Name logging Element URI /axapi/v3/fw/logging Element Attributes logging_attributes Partition Visibility shared Statistics Data URI /axapi/v3/fw/logging/stats Schema logging schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/fw/logging | ||
Get Object | GET | /axapi/v3/fw/logging | ||
Modify Object | POST | /axapi/v3/fw/logging | ||
Replace Object | PUT | /axapi/v3/fw/logging | ||
Delete Object | DELETE | /axapi/v3/fw/logging |
logging attributes¶
gtp
Description: gtp is a JSON Block. Please see below for gtp
Type: Object
Reference Object: /axapi/v3/fw/logging/gtp
name
Description Logging Template Name
Type: string
Format: string-rlx
Maximum Length: 63 characters
Maximum Length: 1 characters
Reference Object: /axapi/v3/fw/template/logging
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
gtp¶
Specification Value Type object sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
gtp_sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘log_type_gtp_invalid_teid’: Log Event Type GTP Invalid TEID; ‘log_gtp_type_reserved_ie_present’: Log Event Type GTP Reserved IE Present; ‘log_type_gtp_mandatory_ie_missing’: Log Event Type GTP Mandatory IE Missing; ‘log_type_gtp_mandatory_ie_inside_grouped_ie_missing’: Log Event Type GTP Mandatory IE Missing Inside Grouped IE; ‘log_type_gtp_msisdn_filtering’: Log Event Type GTP MSISDN Filtering; ‘log_type_gtp_out_of_order_ie’: Log Event Type GTP Out of Order IE V1; ‘log_type_gtp_out_of_state_ie’: Log Event Type GTP Out of State IE; ‘log_type_enduser_ip_spoofed’: Log Event Type GTP Enduser IP Spoofed; ‘log_type_crosslayer_correlation’: Log Event GTP Crosslayer Correlation; ‘log_type_message_not_supported’: Log Event GTP Reserved Message Found; ‘log_type_out_of_state’: Log Event GTP Out of State Message; ‘log_type_max_msg_length’: Log Event GTP Message Length Exceeded Max; ‘log_type_gtp_message_filtering’: Log Event Type GTP Message Filtering; ‘log_type_gtp_apn_filtering’: Log Event Type GTP Apn Filtering; ‘log_type_gtp_rat_type_filtering’: Log Event GTP RAT Type Filtering; ‘log_type_country_code_mismatch’: Log Event GTP Country Code Mismatch; ‘log_type_gtp_in_gtp_filtering’: Log Event GTP in GTP Filtering; ‘log_type_gtp_node_restart’: Log Event GTP SGW/PGW restarted; ‘log_type_gtp_seq_num_mismatch’: Log Event GTP Response Sequence number Mismatch; ‘log_type_gtp_rate_limit_periodic’: Log Event GTP Rate Limit Periodic; ‘log_type_gtp_rate_limit_periodic’: Log Event GTP Invalid message length across layers; ‘log_type_gtp_rate_limit_periodic’: Log Event GTP Protocol flag in header; ‘log_type_gtp_rate_limit_periodic’: Log Event GTP invalid spare bits in header; ‘log_type_gtp_rate_limit_periodic’: Log Event GTP invalid piggyback flag in header; ‘log_type_gtp_rate_limit_periodic’: Log Event invalid GTP version; ‘log_type_gtp_rate_limit_periodic’: Log Event mismatch of GTP message and ports;
Type: string
Supported Values: all, log_type_gtp_invalid_teid, log_gtp_type_reserved_ie_present, log_type_gtp_mandatory_ie_missing, log_type_gtp_mandatory_ie_inside_grouped_ie_missing, log_type_gtp_msisdn_filtering, log_type_gtp_out_of_order_ie, log_type_gtp_out_of_state_ie, log_type_enduser_ip_spoofed, log_type_crosslayer_correlation, log_type_message_not_supported, log_type_out_of_state, log_type_max_msg_length, log_type_gtp_message_filtering, log_type_gtp_apn_filtering, log_type_gtp_rat_type_filtering, log_type_country_code_mismatch, log_type_gtp_in_gtp_filtering, log_type_gtp_node_restart, log_type_gtp_seq_num_mismatch, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic, log_type_gtp_rate_limit_periodic
sampling-enable¶
Specification Value Type list Block object keys counters1
Description ‘all’: all; ‘log_message_sent’: Log Packet Sent; ‘log_type_reset’: Log Event Type Reset; ‘log_type_deny’: Log Event Type Deny; ‘log_type_session_closed’: Log Event Type Session Close; ‘log_type_session_opened’: Log Event Type Session Open; ‘rule_not_logged’: Firewall Rule Not Logged; ‘log-dropped’: Log Packets Dropped; ‘tcp-session-created’: TCP Session Created; ‘tcp-session-deleted’: TCP Session Deleted; ‘udp-session-created’: UDP Session Created; ‘udp-session-deleted’: UDP Session Deleted; ‘icmp-session-deleted’: ICMP Session Deleted; ‘icmp-session-created’: ICMP Session Created; ‘icmpv6-session-deleted’: ICMPV6 Session Deleted; ‘icmpv6-session-created’: ICMPV6 Session Created; ‘other-session-deleted’: Other Session Deleted; ‘other-session-created’: Other Session Created; ‘http-request-logged’: HTTP Request Logged; ‘http-logging-invalid-format’: HTTP Logging Invalid Format Error; ‘dcmsg_permit’: Dcmsg Permit; ‘alg_override_permit’: Alg Override Permit; ‘template_error’: Template Error; ‘ipv4-frag-applied’: IPv4 Fragmentation Applied; ‘ipv4-frag-failed’: IPv4 Fragmentation Failed; ‘ipv6-frag-applied’: IPv6 Fragmentation Applied; ‘ipv6-frag-failed’: IPv6 Fragmentation Failed; ‘out-of-buffers’: Out of Buffers; ‘add-msg-failed’: Add Message to Buffer Failed; ‘tcp-logging-conn-established’: TCP Logging Conn Established; ‘tcp-logging-conn-create-failed’: TCP Logging Conn Create Failed; ‘tcp-logging-conn-dropped’: TCP Logging Conn Dropped; ‘log-message-too-long’: Log message too long; ‘http-out-of-order-dropped’: HTTP out-of-order dropped; ‘http-alloc-failed’: HTTP Request Info Allocation Failed; ‘sctp-session-created’: SCTP Session Created; ‘sctp-session-deleted’: SCTP Session Deleted; ‘log_type_sctp_inner_proto_filter’: Log Event Type SCTP Inner Proto Filter; ‘tcp-logging-port-allocated’: TCP Logging Port Allocated; ‘tcp-logging-port-freed’: TCP Logging Port Freed; ‘tcp-logging-port-allocation-failed’: TCP Logging Port Allocation Failed; ‘iddos-blackhole-entry-create’: iDDoS IP Entry Created; ‘iddos-blackhole-entry-delete’: iDDoS IP Entry Deleted; ‘session-limit-exceeded’: Session Limit Exceeded;
Type: string
Supported Values: all, log_message_sent, log_type_reset, log_type_deny, log_type_session_closed, log_type_session_opened, rule_not_logged, log-dropped, tcp-session-created, tcp-session-deleted, udp-session-created, udp-session-deleted, icmp-session-deleted, icmp-session-created, icmpv6-session-deleted, icmpv6-session-created, other-session-deleted, other-session-created, http-request-logged, http-logging-invalid-format, dcmsg_permit, alg_override_permit, template_error, ipv4-frag-applied, ipv4-frag-failed, ipv6-frag-applied, ipv6-frag-failed, out-of-buffers, add-msg-failed, tcp-logging-conn-established, tcp-logging-conn-create-failed, tcp-logging-conn-dropped, log-message-too-long, http-out-of-order-dropped, http-alloc-failed, sctp-session-created, sctp-session-deleted, log_type_sctp_inner_proto_filter, tcp-logging-port-allocated, tcp-logging-port-freed, tcp-logging-port-allocation-failed, iddos-blackhole-entry-create, iddos-blackhole-entry-delete, session-limit-exceeded