Hello guys,
could you let me know the definitions of fields like "is_first_for_luuid" in the Checkpoint logs through OPSEC LEA app?
Are there useless fields in your opinion that we could filter from the app GUI like log_version, uuid, rule_uid...?
time=1604660518|loc=6427159|fileid=1604657959|action=accept|orig=xxx|i/f_dir=inbound|i/f_name=bond0.89|has_accounting=0|logId=-1|log_type=log|log_sequence_num=0|is_first_for_luuid=131072|log_version=1|uuid=<5fa52d25,0002012f,fd000d0a,c0000005>|product=VPN-1 & FireWall-1|rule=1104|rule_uid={C243B342-AD50-4161-B1FD-26C033DE9D57}|rule_name=150609A|service_id=tcp_8089|src=xxx|s_port=35718|dst=xxx|service=8089|proto=tcp|__policy_id_tag=product=VPN-1 & FireWall-1[db_tag={F5CF3E23-0C69-E441-8BD6-4C39EDD32B61};mgmt=xxx;date=1604590675;policy_name=xxx]
Thanks.