Module for handling the iptables logs.
Fields from the iptables logs.
-
iptables.ether_type -
Value of the Ethernet type (EtherType) field, which identifies the network layer protocol.
type: long
-
iptables.flow_label -
IPv6 flow label.
type: integer
-
iptables.fragment_flags -
IP fragment flags. A combination of the CE, DF (Don't Fragment) and MF (More Fragments) flags as printed in the log line.
type: keyword
-
iptables.fragment_offset -
Offset of the current IP fragment.
type: long
ICMP fields.
-
iptables.icmp.code -
ICMP code.
type: long
-
iptables.icmp.id -
ICMP ID.
type: long
-
iptables.icmp.parameter -
ICMP parameter.
type: long
-
iptables.icmp.redirect -
ICMP redirect address.
type: ip
-
iptables.icmp.seq -
ICMP sequence number.
type: long
-
iptables.icmp.type -
ICMP type.
type: long
-
iptables.id -
Packet identifier.
type: long
-
iptables.incomplete_bytes -
Number of bytes reported by iptables when it logs a packet as INCOMPLETE.
type: long
-
iptables.input_device -
Device that received the packet.
type: keyword
-
iptables.precedence_bits -
IP precedence bits.
type: short
-
iptables.tos -
IP Type of Service field.
type: long
-
iptables.length -
Packet length.
type: long
-
iptables.output_device -
Device through which the packet was sent.
type: keyword
TCP fields.
-
iptables.tcp.flags -
TCP flags.
type: keyword
-
iptables.tcp.reserved_bits -
TCP reserved bits.
type: short
-
iptables.tcp.seq -
TCP sequence number.
type: long
-
iptables.tcp.ack -
TCP acknowledgment number.
type: long
-
iptables.tcp.window -
Advertised TCP window size.
type: long
-
iptables.ttl -
Time To Live field.
type: integer
UDP fields.
-
iptables.udp.length -
Length of the UDP header and payload.
type: long
Fields for Ubiquiti network devices.
-
iptables.ubiquiti.input_zone -
Input zone.
type: keyword
-
iptables.ubiquiti.output_zone -
Output zone.
type: keyword
-
iptables.ubiquiti.rule_number -
The rule number within the rule set.
type: keyword
-
iptables.ubiquiti.rule_set -
The rule set name.
type: keyword