Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
gcarella
Explorer

Security logs rule_action maning

Jump to solution

Hi all,

 

I'm analyzing a security logs that has fields action="accept" and rule_action="2".

What does it mean ruel_action field?

 

From official documentation rule_action is the "Action of the matched rule in the access policy".

Description of Fields in Check Point Logs

 

Anyone has an idea?

 

Thank you.

Gianluigi

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee
Employee

Action of matched rule
Possible values:
0 - Drop
1 - Reject
2 - Accept
3 - Encrypt
4 - Decrypt
17 - Authorize
18 - Deauthorize
30 - Bypass
33 - Block
34 - Detect
39 - Do not send
43 - Allow
46 - Ask User
61 - Extract

View solution in original post

3 Replies
Chris_Atkinson
Employee
Employee

Action of matched rule
Possible values:
0 - Drop
1 - Reject
2 - Accept
3 - Encrypt
4 - Decrypt
17 - Authorize
18 - Deauthorize
30 - Bypass
33 - Block
34 - Detect
39 - Do not send
43 - Allow
46 - Ask User
61 - Extract

gcarella
Explorer

Thank you Chris.

0 Kudos
the_rock
Champion
Champion

Just curious, is there a document showing that anywhere?

0 Kudos