Open
Description
Patterns for CISCO ASA-7-609001, ASA-6-604103, ASA-6-303002, ASA-6-607001 are missing.
ASA-6-303002 has already been requested in issue #208 and an implementation has been provided in #226.
Sample Data:
<123>asa %ASA-7-609001: Built local-host outside:192.0.2.42
<123>asa %ASA-6-604103: DHCP daemon interface WLAN_Guests: address granted abcd.abcd.abcd.e7 (192.0.2.42)
<123>asa %ASA-6-604103: DHCP daemon interface WLAN_Guests: address granted abcd.abcd.abcd (192.0.2.42)
<123>asa %ASA-6-303002: FTP connection from inside:203.0.113.42/54321 to outside:192.0.2.42/21, user testuser Stored file test-file
<123>asa %ASA-6-607001: Pre-allocate SIP NOTIFY UDP secondary channel for DMZ:192.0.2.42/12006 to inside:203.0.113.42 from 200 message
Possible implementation for ASA-7-609001:
CISCOFW7609001 Built local-host %{DATA:interface}:%{IP:dst_ip}
Possible implementation for ASA-6-607001:
CISCOFW6607001 Pre-allocate %{WORD:protocol} NOTIFY UDP secondary channel for %{DATA:src_interface}:%{IP:src_ip}/%{INT:src_port} to %{DATA:dst_interface}:%{IP:dst_ip} from %{POSINT:message_count} message
Possible implementation for ASA-6-604103:
CISCOFW6604103 DHCP daemon interface %{GREEDYDATA:interface}: address granted %{MAC:dst_mac}(?:\.[A-Fa-f0-9]{2})? \(%{IP:dst_ip}\)
Possible implementation for ASA-6-303002 (from #226):
CISCOFW303002 FTP connection from %{DATA:src_interface}:%{IP:src_ip}/%{INT:src_port} to %{DATA:dst_interface}:%{IP:dst_ip}/%{INT:dst_port}, user %{DATA:dst_user} %{DATA:ftp_action} file %{DATA:filename}