This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
gcarella
Participant
‎2022-05-19 02:28 AM

Security logs rule_action maning

Jump to solution

Hi all,

 

I'm analyzing a security logs that has fields action="accept" and rule_action="2".

What does it mean ruel_action field?

 

From official documentation rule_action is the "Action of the matched rule in the access policy".

Description of Fields in Check Point Logs

 

Anyone has an idea?

 

Thank you.

Gianluigi

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee
Employee
‎2022-05-19 08:01 AM

Jump to solution

Action of matched rule
Possible values:
0 - Drop
1 - Reject
2 - Accept
3 - Encrypt
4 - Decrypt
17 - Authorize
18 - Deauthorize
30 - Bypass
33 - Block
34 - Detect
39 - Do not send
43 - Allow
46 - Ask User
61 - Extract

View solution in original post

3 Replies
Chris_Atkinson
Employee
Employee
‎2022-05-19 08:01 AM

Jump to solution

Action of matched rule
Possible values:
0 - Drop
1 - Reject
2 - Accept
3 - Encrypt
4 - Decrypt
17 - Authorize
18 - Deauthorize
30 - Bypass
33 - Block
34 - Detect
39 - Do not send
43 - Allow
46 - Ask User
61 - Extract

gcarella
Participant
‎2022-05-19 08:28 AM
In response to Chris_Atkinson

Jump to solution

Thank you Chris.

0 Kudos
the_rock
Champion
Champion
‎2022-05-19 10:58 AM
In response to Chris_Atkinson

Jump to solution

Just curious, is there a document showing that anywhere?

0 Kudos