Table sem5.dbo.FIREWALL_REPORT
Keeps the administrator-defined filters for the NTP Traffic and Packets logs

Generated by
SchemaSpy
Legend:
Primary key columns
Columns with indexes
Implied relationships
Excluded column relationships
< n > number of related tables
 
Column Type Size Nulls Auto Default Children Parents Comments
FIREWALLFILTER_IDX char 32
USER_ID char 32 ('') GUID of the user who created this filter
FILTERNAME nvarchar 510 ('') Filter name
STARTDATEFROM datetime 16,3 ('19700101') Start date
STARTDATETO datetime 16,3 ('19700101') End date
RELATIVEDATETYPE int 4 ((0)) 0 = past week
1 = past month
2 = past three months
3 = past year
4 = past 24 hours
5 = current month
FIREWALLTYPE int 4 ((0)) 1 = Traffic, 2 = Packets
SEVERITY int 4  √  (NULL) 1 = Critical, 5 = Major, 9 = Minor, 13 = Info
EVENTTYPE int 4  √  (NULL) Events for Traffic :
307 = Ethernet packet,
306 = ICMP packet,
308 = IP packet,
303 = Ping request,
301 = TCP initiated,
304 = TCP completed,
302 = UDP datagram,
305 = Other
Events for Packet:
401 = Raw Ethernet
BLOCKED int 4  √  (NULL) 1 = Blocked, 0 = Not blocked
PROTOCOL int 4  √  (NULL) 1 = Other, 2 = TCP, 3 = UDP, 4 = ICMP
DIRECTION int 4  √  (NULL) 1 = Inbound, 2 = Outbound, 0 = Unknown
LOCALPORT int 4  √  (NULL) Port number
SITELIST nvarchar 510 ('') Comma-separated, wild-carded site names by which to filter
SERVERGROUPLIST nvarchar 510 ('') Comma-separated, wild-carded domain names by which to filter
CLIENTGROUPLIST nvarchar 510 ('') Comma-separated, wild-carded group names by which to filter
PARENTSERVERLIST nvarchar 510 ('') Comma-separated, wild-carded server names by which to filter
COMPUTERLIST nvarchar 1024 ('') Comma-separated, wild-carded computer names by which to filter
IPADDRESSLIST nvarchar 510 ('') Comma-separated, wild-carded IP list by which to filter
REMOTEHOSTLIST nvarchar 510 ('') Comma-separated, wild-carded remote computer names by which to filter
REMOTEIPADDRLIST nvarchar 510 ('') Comma-separated, wild-carded remote IP list by which to filter
USERLIST nvarchar 510 ('') Comma-separated, wild-carded user names by which to filter
SORTORDER varchar 32 ('EVENT_TIME') Column in table to sort by
SORTDIR varchar 5 ('DESC') DESC = Descending, ASC = Ascending
LIMITROWS int 4 ((20)) Number of rows to use for pagination
USERELATIVE char 2 ('on') Use relative dates ('on') or absolute dates
REPORT_IDX int 4 ('0') Not used
REPORTINPUTS nvarchar 128 ('') Special parameters if report needs them
USN bigint 8 ((1)) A USN-based serial number; this ID is not unique.
TIME_STAMP bigint 8 ((0)) The time when the event is logged into system (GMT), which is server side time
DELETED tinyint 1 ((0)) Delete row; 0 = Not deleted, 1 = Deleted
FULL_CHARTS varchar 255 ('') Not used

Analyzed at Mon Oct 29 12:07 PDT 2012

Indexes:
Column(s) Type Sort Constraint Name
USER_ID + FILTERNAME + FIREWALLTYPE Primary key Asc/Asc/Asc PK_FIREWALLREPORT